North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: key change for TCP-MD5

  • From: Iljitsch van Beijnum
  • Date: Mon Jun 19 13:23:25 2006

On 19-jun-2006, at 19:10, Randy Bush wrote:

try reading more carefully

Didn't help...

how sad, as the whole document is about how to usefully be able
to introduce and roll to new keys without agreeing on a narrow
time.
Well, as you can tell from my message just now, I don't think going from agreeing on a narrow time to agreeing on a wider time is worth the trouble, especially since by adding a BGP message it would be possible to roll over if and as soon as both sides are ready, removing the "wait for some time and then see whether the other end really installed the new key" part from the proceedings.