<title>ikev2: accept key exchange on CREATE_CHILD_SA</title>
<updated>2022-08-18T08:03:13+00:00</updated>
<author>
<name>Atzm Watanabe</name>
<email>atzmism@gmail.com</email>
...</author>
<published>2022-08-12T05:29:31+00:00</published>
<link rel="alternate" type="text/html" href="http://git.fd.io/vpp/commit/?id=c65921f7744a0da09ede876b6588628e3a188529"/>
<id>urn:sha1:c65921f7744a0da09ede876b6588628e3a188529</id>
<content type="text">
In RFC 7296, CREATE_CHILD_SA Exchange may contain the KE payload
to enable stronger guarantees of forward secrecy.
When the KEi payload is included in the CREATE_CHILD_SA request,
responder should reply with the KEr payload and complete the key
exchange, in accordance with the RFC.
Type: improvement
Signed-off-by: Atzm Watanabe <atzmism@gmail.com>
Change-Id: I13cf6cf24359c11c3366757e585195bb7e999638
</content>