[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Byte-count lifetime enforcement?

To: Dan McDonald <danmcd@Eng.Sun.Com>
Subject: Re: Byte-count lifetime enforcement?
From: "Angelos D. Keromytis" <angelos@dsl.cis.upenn.edu>
Date: Fri, 26 Jun 1998 21:56:47 -0400
Cc: ipsec@tis.com
In-reply-to: Your message of "Fri, 26 Jun 1998 18:46:54 PDT." <199806270146.SAA14958@kebe.eng.sun.com>
Sender: owner-ipsec@ex.tis.com

-----BEGIN PGP SIGNED MESSAGE-----

To: Dan McDonald <danmcd@Eng.Sun.Com>
Subject: Re: Byte-count lifetime enforcement? 
Cc: ipsec@tis.com
Date: 06/26/98, 21:56:47


I don't think this is an issue; to begin with, the counters *will* get
out of sync (unless you don't lose any packets at all). Whoever
expires first will cause another key negotiation. So, implement
whatever makes you happy (within reason, I suppose).
- -Angelos

-----BEGIN PGP SIGNATURE-----
Version: 2.6.3ia
Charset: noconv
Comment: Processed by Mailcrypt 3.4, an Emacs/PGP interface

iQCVAwUBNZRRX70pBjh2h1kFAQFhpQP9EJZX4lLsBkiAf2MOt9imN3ZUW2gHzQOF
SCb2gmsHZaoDPz4OrrTA4r5Wc+9jzEyGxk8bDPxBU/jqBXU6G4pDostGyh5Tf+qs
W3JXyZkvmUQ985oxf1W4ZbmkH4ftgriRKiqwShwd5WRq7k1t1suUIKpfszev7JSB
C3xSBze4jww=
=US5V
-----END PGP SIGNATURE-----

References:

Byte-count lifetime enforcement?

From: Dan McDonald <danmcd@Eng.Sun.Com>

Prev by Date: Byte-count lifetime enforcement?
Next by Date: draft for a new authentication mode for IKE
Prev by thread: Byte-count lifetime enforcement?
Next by thread: Re: Byte-count lifetime enforcement?
Index(es):
- Main
- Thread