Re: Phase 1 KB lifetime
>>>>> "Dan" == Dan Harkins <dharkins@network-alchemy.com> writes:
Dan> I'd like to nip this in the bud. The "just go ahead and enforce
Dan> a lifetime, just don't tell me about it" combined with
Dan> "implementations are not required to interpret lifetime
Dan> notifies" is probably the reason that people have problems with
Dan> rekeying.
I don't think so. The reason people are having problems with rekeying
is that the rekeying process is subject to all sorts of timing windows
and race conditions, as Tim Jenkins has documented in fine detail. If
the case you mention is an issue at all, it's just a small one out of
dozens.
Dan> It is _never_ a good idea to just enforce a lifetime without
Dan> telling the peer (assuming, as we all remember from 3rd grade,
Dan> makes an ass out of you and me).
I quite disagree. The protocol works if someone rekeys at a time of
their choosing for reasons of their choosing. Or at least it appears
to; if it doesn't work for that case then the protocol is defective
and needs to be repaired.
Therefore, it isn't actually necessary to tell the peer about
lifetimes you enforce. I still don't understand why that stuff is in
the protocol at all.
Dan> Similarly it is _never_ a good
Dan> idea to ignore the lifetime notify a peer gives you.
Ditto.
paul
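The timing-window argument above can be made concrete with a toy model. The following is an added example, not code from this thread or from any IKE implementation: two peers exchange SPI-tagged packets, peer A enforces a lifetime it never announced and rekeys unilaterally, and peer B (never told the lifetime) moves its outbound traffic to the new SA only a few ticks later. The tick values, SPIs and the delay are constructed assumptions; the point is that the unilateral rekey works or fails depending on what A does with its old inbound SA during that window.

```python
"""Toy event model of a unilateral rekey and its timing window.

Constructed example: this is not an IKE implementation. It models the
window between "A has negotiated a new SA" and "B has actually started
sending on it", which exists whenever A rekeys on a lifetime it never
told B about (and, in general, whenever the two sides switch at
different moments).
"""

from dataclasses import dataclass, field

REKEY_AT = 10          # tick at which A's private lifetime expires (assumption)
PEER_SWITCH_DELAY = 3  # ticks B needs to move its outbound traffic (assumption)
TICKS = 20             # length of the simulation
OLD_SPI, NEW_SPI = 0x1001, 0x1002  # arbitrary constructed SPI values


@dataclass
class Peer:
    """Minimal receiver state: which inbound SPIs it still accepts."""
    name: str
    inbound_spis: set = field(default_factory=set)
    outbound_spi: int = 0
    received: int = 0
    dropped: int = 0
    drop_ticks: list = field(default_factory=list)

    def receive(self, spi: int, tick: int) -> None:
        # A packet on an SPI that is no longer installed is simply lost.
        if spi in self.inbound_spis:
            self.received += 1
        else:
            self.dropped += 1
            self.drop_ticks.append(tick)


def simulate(delete_old_immediately: bool) -> Peer:
    """Run B -> A traffic across A's unilateral rekey and return A's state.

    delete_old_immediately=True : A drops the old inbound SA as soon as the
                                  new one is negotiated.
    delete_old_immediately=False: A keeps the old inbound SA until it sees
                                  B actually using the new one.
    """
    a = Peer("A", inbound_spis={OLD_SPI})
    b = Peer("B", outbound_spi=OLD_SPI)

    for tick in range(TICKS):
        if tick == REKEY_AT:
            # New SA negotiated at a time of A's choosing; B took part in the
            # negotiation, so both sides now have NEW_SPI installed.
            a.inbound_spis.add(NEW_SPI)
            if delete_old_immediately:
                a.inbound_spis.discard(OLD_SPI)

        if tick == REKEY_AT + PEER_SWITCH_DELAY:
            # B was never told A's lifetime, so it catches up only now.
            b.outbound_spi = NEW_SPI

        # B sends exactly one packet per tick on its current outbound SA.
        a.receive(b.outbound_spi, tick)

        # Grace-period strategy: once A has seen B use the new SA, the old
        # inbound SA can be removed without losing anything.
        if b.outbound_spi == NEW_SPI:
            a.inbound_spis.discard(OLD_SPI)

    return a


if __name__ == "__main__":
    for immediate in (True, False):
        result = simulate(immediate)
        print(f"delete_old_immediately={immediate}: received={result.received} "
              f"dropped={result.dropped} at ticks {result.drop_ticks}")
```

With immediate deletion every packet B sends between the rekey and its own switch is lost; with the old inbound SA retained until the peer is seen on the new one, nothing is lost and the old SA is still cleaned up. The model says nothing about which behaviour real implementations exhibit; it only shows that the unannounced lifetime by itself is not what loses traffic, the handling of the switch-over window is.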