Re: Manual keying and replay prevention
> Note that support for manual key distribution is required, but
> its use is inconsistent with the anti-replay service, and thus a
> compliant implementation must not negotiate this service in
> conjunction with SAs that are manually keyed.
>
> Why not?

The wording seems convoluted, as my impression was that manual keying
implies that no negotiation takes place.

I think the issue with manual keying and replay is recovery from a
reboot... unless you store the receive-side replay state in stable
storage as each packet is processed, you can't allow the SA to survive
a crash without running the risk that you'll accept a replayed packet.

(On the send side, you could checkpoint every N packets, and waste up
to N packets of sequence space on a reboot. If you tried a similar
hack on the receive side, you'd wind up needing to *ignore* up to N
incoming in-sequence un-replayed packets...)

Also, there's the issue of what to do when the replay counter maxes
out...

- Bill
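
The checkpointing trade-off described in the message above, as an added example that is not part of the original post. Assumptions: a 32-bit sequence number, N = 64, an in-memory struct standing in for stable storage, and a plain "higher than last accepted" check instead of a sliding-window bitmap; all names are hypothetical.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define CKPT_N 64u /* N: checkpoint interval (assumed value) */

/* Stand-in for stable storage: the only state that survives a reboot. */
struct stable { uint32_t send_ckpt, recv_ckpt; };
struct sa { uint32_t send_seq, recv_high; struct stable *disk; };

/* v + N, saturating at the top of the 32-bit sequence space. */
static uint32_t ahead(uint32_t v) {
    return UINT32_MAX - v < CKPT_N ? UINT32_MAX : v + CKPT_N;
}

/* Send side: reserve the next N numbers on disk before using any of them. */
bool sa_next_send_seq(struct sa *sa, uint32_t *out) {
    if (sa->send_seq == UINT32_MAX) return false; /* maxed out: never wrap */
    if (sa->send_seq == sa->disk->send_ckpt)
        sa->disk->send_ckpt = ahead(sa->send_seq);
    *out = ++sa->send_seq;
    return true;
}

/* Receive side: the same hack, so one disk write covers about N packets. */
bool sa_accept(struct sa *sa, uint32_t seq) {
    if (seq <= sa->recv_high) return false; /* replayed, or skipped on reboot */
    if (seq > sa->disk->recv_ckpt)
        sa->disk->recv_ckpt = ahead(seq);
    sa->recv_high = seq;
    return true;
}

/* Reboot: volatile counters are lost, so resume from the checkpoints. */
void sa_reboot(struct sa *sa) {
    sa->send_seq = sa->disk->send_ckpt;
    sa->recv_high = sa->disk->recv_ckpt;
}

/* Constructed scenario: accept 1..10, crash, then count the fresh
 * in-sequence packets (11, 12, ...) that get dropped after the reboot. */
unsigned demo_dropped_after_reboot(void) {
    struct stable disk = {0, 0};
    struct sa rx = {0, 0, &disk};
    unsigned dropped = 0;
    for (uint32_t s = 1; s <= 10; s++) sa_accept(&rx, s);
    sa_reboot(&rx);
    for (uint32_t s = 11; !sa_accept(&rx, s); s++) dropped++;
    return dropped;
}

int main(void) { printf("dropped: %u\n", demo_dropped_after_reboot()); return 0; }
```

On the send side the reboot only skips unused sequence numbers; on the receive side the same jump rejects legitimate packets until the sender's counter passes the checkpoint.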