\subsection{002: address inertia}\subsubsection{002: Definition of requirement}The essence of this requirement is that gateway's can remember where thewild-side address of road warriors are. Should a reboot (or a restart of\pluto\ ) occur, it would re-initiate to these clients.There are three levels of support which may be desireable:\begin{enumerate}\item[Level 1] 	record only the wild-side address for re-initiation.\item[Level 2]  record the wild-side address, and all current phase 1 (DH and			SKEYID) keying materials.\item[Level 3] 	record the wild-side address, and phase 1 and phase 2 keying materials.\end{enumerate}\subsubsection{002: response}Satisfaction of level 1 of this requirement will require changes only to \pluto, specifically to provide a way to get a list of current connections,to record this in a stable file, and a for the boot up scripts to read thealternate list of configurations as well. So, this requirement can besatisfied without impact to KLIPS2 design.Level 2 of this requirement has some issues. The storage of keying materialon disk may be a source of concern. This issue would need to be addressedin the design. The source of this requirement is to provide reliable recoveryand fast reboots, systems that involve operator intervention may not satisfythis. The chief advantage of storing the phase 1 information is that itreduces the amount of time required to do DH exponentiation after a reboot. A new phase 2 would have to be done as well.Level 3 of this requirement has further issues. It requires some help fromKLIPS2 to provide for the retrieval of keying materials (including replaystate) from the kernel, and subsequent reloading of it. There are clearlyeven more issues with making sure that the materials are not inappropriatelyrevealed. In addition, the state of eroutes, filtering, etc. will need to becaptured. Saving of this information may have very strong advantages in theopportunistic case, as the information on whether or not to set up anopportunistic tunnels is valuable as well. Further, in the opportunisticcase the risk of disclosure of the keying material may be considered lowenough that storing it is worthwhile.In all three cases, there is a cost-benefit analysis to do, weighing theimprovements in reliability and performance against the risks ofinappropriate disclosure. The answer to this analysis may always be a localmatter. In addition, all three cases would apply to restarting of \pluto\ either onpurpose (to facilitate easy updates), or due to program error (core dump).There are further legal issues. Access to the keying materials may facilitate cooperation with law enforcement access. This is not regarded as a feature.Opportunistic encryption would benefit from any amount of key maintenance.Road warriors are the ones most likely to benefit as they are turnedoff/suspended most often. However, their wildside address is also most likely to change, rendering any saved state that they have useless.