[Swan-dev] what's in the name parent_sa or ike_sa?

Andrew Cagney andrew.cagney at gmail.com
Tue Feb 20 15:13:52 UTC 2018


As you've all noticed I've been tweaking functions here and there
replacing 'struct state' with with the more specific 'struct ike_sa'.
It is so that in crypto and some other code I no longer need to wonder
if the state is a parent or child.  But there's the problem - notice
how my description used the term 'parent' and not 'IKE SA':

- IKE SA is the term used by IKEv2 (parent doesn't appear in the RFC)
- I suspect the IKEv1 word might be ISAKMP SA (regardless 'parent'
doesn't appear there either)
- Given a naming choice I try to lift terms found in the IKEv2 RFC
(IKEv2 does use the term CHILD SA, I suspect IKEv1 used IPSEC SA)

however:

- pluto is littered with comments and macros referring to parent

so I wonder if, for pluto and its code base, parent_sa would be a better term

Andrew


More information about the Swan-dev mailing list