|Main Archive Page > Month Archives > ipsec archives|
Presumably because MOBIKE is a mobility and multihoming facility for IPsec clients and gateways, i.e., you can change the outer IP addresses. Its not a general SA renegotiation facility.
Yes, it could be done, but I'm not sure that's really within the scope of the feature. Unless we are talking about extension to deal with transport mode, which has been something at least a few people were interested in.
Narayanan, Vidya kirjoitti:
> RFC4555 only allows updates to tunnel endpoint addresses and not
> selectors, etc. Does anyone know why TS updates are not permitted? If
> MOBIKE allowed what an SA rekey would allow, what is the problem?
> Mobike mailing list