[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

SA lifetime and key lifetime

To: ipsec@tis.com
Subject: SA lifetime and key lifetime
From: Naganand Doraswamy <naganand@ftp.com>
Date: Tue, 03 Dec 1996 15:36:36 -0500
Sender: owner-ipsec@ex.tis.com

Is it necessary to have two different lifetimes? It makes sense to have
different lifetimes when we refresh the keys when the key lifetime expires
based on some cached data that was established during SA negotiation.
However, in case of ISAKMP the procedure for modifying an SA is to delete
the SA and create a new SA, if I understand it correct. In this case, it
does not make sense to have two different lifetimes. 


--Naganand
----------------------------------------------------------------
naganand@ftp.com
Tel #: (508)684-6743 (O)

Prev by Date: Terminology: what do you call a set of related SA/SPI's?
Next by Date: Re: ISAKMP DELETE payload
Prev by thread: Re: Terminology: what do you call a set of related SA/SPI's?
Next by thread: IPsec Implementation Survey update
Index(es):
- Main
- Thread