[Swan-dev] IKEv1: Remove all IPsec SA's of a connection when newest SA is removedrefs/heads/master

D. Hugh Redelmeier hugh at mimosa.com
Thu Aug 27 00:16:33 EEST 2015

Previous message: [Swan-dev] IKEv1: Remove all IPsec SA's of a connection when newest SA is removedrefs/heads/master
Next message: [Swan-dev] IKEv1: Remove all IPsec SA's of a connection when newest SA is removedrefs/heads/master
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

| From: Paul Wouters <paul at nohats.ca>

| It is not authenticated, but you can remember the payload and once the
| connection has authenticated, you can kill the old one based on having
| received the payload.

No, because a man in the middle could have added the payload.  If I
remember correctly.

Previous message: [Swan-dev] IKEv1: Remove all IPsec SA's of a connection when newest SA is removedrefs/heads/master
Next message: [Swan-dev] IKEv1: Remove all IPsec SA's of a connection when newest SA is removedrefs/heads/master
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Swan-dev mailing list