nanog mailing list archives
Re: key change for TCP-MD5
From: Iljitsch van Beijnum <iljitsch () muada com>
Date: Mon, 19 Jun 2006 19:22:20 +0200
On 19-jun-2006, at 19:10, Randy Bush wrote:
try reading more carefully
Didn't help...
how sad, as the whole document is about how to usefully be able to introduce and roll to new keys without agreeing on a narrow time.
Well, as you can tell from my message just now, I don't think going from agreeing on a narrow time to agreeing on a wider time is worth the trouble, especially since by adding a BGP message it would be possible to roll over if and as soon as both sides are ready, removing the "wait for some time and then see whether the other end really installed the new key" part from the proceedings.
Current thread:
- key change for TCP-MD5 Steven M. Bellovin (Jun 19)
- Re: key change for TCP-MD5 Joe Maimon (Jun 19)
- Re: key change for TCP-MD5 Steven M. Bellovin (Jun 19)
- Re: key change for TCP-MD5 Iljitsch van Beijnum (Jun 19)
- Re: key change for TCP-MD5 Jared Mauch (Jun 19)
- Re: key change for TCP-MD5 Steven M. Bellovin (Jun 19)
- Re: key change for TCP-MD5 Iljitsch van Beijnum (Jun 19)
- Re: key change for TCP-MD5 Randy Bush (Jun 19)
- Re: key change for TCP-MD5 Iljitsch van Beijnum (Jun 19)
- Re: key change for TCP-MD5 Randy Bush (Jun 19)
- Re: key change for TCP-MD5 Iljitsch van Beijnum (Jun 19)
- Re: key change for TCP-MD5 Joe Maimon (Jun 19)
- Re: key change for TCP-MD5 Edward B. DREGER (Jun 19)
- Re: key change for TCP-MD5 Steven M. Bellovin (Jun 22)
- Re: key change for TCP-MD5 Iljitsch van Beijnum (Jun 22)
- RE: key change for TCP-MD5 David Schwartz (Jun 22)
- <Possible follow-ups>
- RE: key change for TCP-MD5 Bora Akyol (Jun 20)
- Re: key change for TCP-MD5 Iljitsch van Beijnum (Jun 20)
- Re: key change for TCP-MD5 Randy Bush (Jun 20)
- Re: key change for TCP-MD5 Iljitsch van Beijnum (Jun 20)
- Re: key change for TCP-MD5 Crist Clark (Jun 20)
- Re: key change for TCP-MD5 Iljitsch van Beijnum (Jun 20)
- Re: key change for TCP-MD5 Valdis . Kletnieks (Jun 20)