[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: simultaneous lifetime type support required?
Are there any recommended lifetimes (both in time and bytes encrypted) for
various ciphers for both phases?
----------------
Stephen Keung (skeung@rainbow.com)
Rainbow Technologies, Inc.
Internet Security Group
> -----Original Message-----
> From: Roy Pereira [SMTP:rpereira@TimeStep.com]
> Sent: Tuesday, July 07, 1998 2:28 PM
> To: Scott G. Kelly; ipsec@tis.com
> Subject: RE: simultaneous lifetime type support required?
>
> You should be able to support both expiry types for both phase 1 and phase
> 2 SAs.
>
> Multiple occurrences of each expiry type is forbidden though.
>
>
> > -----Original Message-----
> > From: Scott G. Kelly [ <mailto:skelly@redcreek.com>]
> > Sent: Tuesday, July 07, 1998 2:23 PM
> > To: ipsec@tis.com
> > Subject: simultaneous lifetime type support required?
> >
> >
> > I recall a discussion regarding the case where lifetimes of both types
> > are specified, i.e. 8 hours or 10MB, whichever occurs first.
> > However, I
> > don't recall the wg's disposition on this matter.
> > Specifically, is this
> > required for phase 1, 2, or both?
> >
> > I found text referring to this in DOI in section 4.5.2 (attribute
> > parsing requirements for lifetime), but haven't found
> > anything in ARCH.
> > Anyone?
> >
> >
> >
>