[Swan-dev] IKEv1: Remove all IPsec SA's of a connection when newest SA is removedrefs/heads/master
D. Hugh Redelmeier
hugh at mimosa.com
Thu Aug 27 00:16:33 EEST 2015
| From: Paul Wouters <paul at nohats.ca>
| It is not authenticated, but you can remember the payload and once the
| connection has authenticated, you can kill the old one based on having
| received the payload.
No, because a man in the middle could have added the payload. If I
remember correctly.
More information about the Swan-dev
mailing list