Nicolas Williams wrote:
>
> On Fri, Oct 16, 2009 at 02:13:13PM -0700, Laganier, Julien wrote:
> > Nicolas Williams wrote
> > > Perhaps the WG would say that we should REQUIRE that the key manager
> > > initiate IKE/child SAs ahead of any triggering packet as a
> > > simplification of the model (then we don't need a LARVAL state). But I
> > > could certainly see implementors not wanting to do that (for one it
> > > makes the CREATE_CONNECTION_LATCH() call slow).
> >
> > I think this is the external behavior that we want to capture. The
> > specifics of how a given implementation achieves that need not be
> > specified in the RFC as long as the conceptual behavior is clear and
> > guarantees interoperability.
>
> Let me re-think the text. Perhaps I'll simply add a note that an
> implementor whose key manager does not immediately initiate IKE/child
> SAs on CREATE_CONNECTION_LATCH() must have a larval state that we don't
> describe.
>
> Would that work?

Yup - sounds good.

(and maybe transient or intermediate is better than larval to describe that state...)

--julien