[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Manual keying and replay prevention

To: Rob Glenn <rob.glenn@nist.gov>
Subject: Re: Manual keying and replay prevention
From: Norman Shulman <norm@border.com>
Date: Fri, 4 Apr 1997 15:46:04 -0500
cc: ipsec@tis.com
In-Reply-To: <199704042027.PAA19919@snad.ncsl.nist.gov>
Sender: owner-ipsec@ex.tis.com

On Fri, 4 Apr 1997, Rob Glenn wrote:

> I would guess that it would be difficult to "re-key" before the sequence 
> number would wrap without having a KMP.  In our own implementation (NIST),
> we're simply going to add a SA-Delete before the SN wraps in the case
> of manual key management.   In this case, the manual key management system
> is no longer "completely" manual.

Semi-automatic sounds good to me.

Norm


                   Norman Shulman      Secure Computing Canada
     	        Systems Developer      Tel 1 416 813 2075
                  norm@border.com      Fax 1 416 813 2001

Prev by Date: Re: Manual keying and replay prevention
Next by Date: Re: Manual keying and replay prevention
Prev by thread: Re: Manual keying and replay prevention
Next by thread: Re: Manual keying and replay prevention
Index(es):
- Main
- Thread