North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

RE: key change for TCP-MD5

  • From: David Schwartz
  • Date: Thu Jun 22 18:20:53 2006

> How often do you think keys should change?

	Arguably, any time someone who had access to the key is no longer supposed
to have such access.

> I've never had anyone ask
> to change keys for about 50 session-years.

	I guess the question the question is whether that's because they really
never needed to, really didn't think about, or really didn't want to suffer
the hassle and so just accepted the risk.