Re: Phase 1 KB lifetime
On Wed, 19 Jan 2000 10:14:38 EST you wrote
>
> Dan> It is _never_ a good idea to just enforce a lifetime without
> Dan> telling the peer (assuming, as we all remember from 3rd grade,
> Dan> makes an ass out of you and me).
>
> I quite disagree. The protocol works if someone rekeys at a time of
> their choosing for reasons of their choosing. Or at least it appears
> to; if it doesn't work for that case then the protocol is defective
> and needs to be repaired.
The protocol may work (or at least appear to -- quite a weak statement)
but is that a reason to do this? No. You're free to rekey anytime you
want but if you choose to enforce a lifetime different than that which
you _expressly agreed to_ why wouldn't you want to notify the peer?
The only reason not to do this I can see is programmer laziness.
> Therefore, it isn't actually necessary to tell the peer about
> lifetimes you enforce. I still don't understand why that stuff is in
> the protocol at all.
To minimize the problematic windows that Tim Jenkins has documented
in fine detail.
> Dan> Similarly it is _never_ a good
> Dan> idea to ignore the lifetime notify a peer gives you.
>
> Ditto.
Ditto.
Dan.
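To make the disagreement concrete, here is a small model of the situation the two posts argue about: an ISAKMP Phase 1 negotiation in which the responder enforces a shorter kilobyte lifetime than the initiator proposed, with and without the RESPONDER-LIFETIME status notify of the IPsec DOI, and with an initiator that either honors or ignores that notify. This is added example code, not code from the thread or from any IKE implementation; the peer policies, the traffic sizes and the "dangling window" accounting are constructed for illustration, and the model deliberately ignores the actual rekey exchange and any straddling message to keep the arithmetic plain.

```python
from dataclasses import dataclass
from typing import List, Optional


@dataclass
class Peer:
    """Constructed peer policy (example only, not an IKE implementation)."""
    name: str
    policy_kb: int             # lifetime this peer will actually enforce
    notify_peer: bool = True   # send RESPONDER-LIFETIME when enforcing less than proposed
    honor_notify: bool = True  # adopt a shorter lifetime the peer notifies


@dataclass
class Outcome:
    initiator_believes_kb: int  # lifetime the initiator thinks was agreed
    responder_enforces_kb: int  # lifetime the responder will actually enforce
    notify_sent: bool

    @property
    def dangling_window_kb(self) -> int:
        """Kilobytes the initiator may still push over an SA the responder has dropped."""
        return max(0, self.initiator_believes_kb - self.responder_enforces_kb)


def negotiate(initiator: Peer, responder: Peer) -> Outcome:
    """Model the lifetime outcome of a Phase 1 negotiation.

    The initiator proposes its own policy; the responder accepts the
    proposal but enforces the smaller of the proposal and its local policy.
    If it enforces less than proposed, a well-behaved responder says so with
    a RESPONDER-LIFETIME notify; a well-behaved initiator adopts it.
    """
    proposed = initiator.policy_kb
    enforced = min(proposed, responder.policy_kb)

    notified: Optional[int] = None
    if enforced < proposed and responder.notify_peer:
        notified = enforced  # the RESPONDER-LIFETIME status notify

    believed = proposed
    if notified is not None and initiator.honor_notify:
        believed = min(believed, notified)

    return Outcome(believed, enforced, notified is not None)


def messages_on_dead_sa(outcome: Outcome, sizes_kb: List[int]) -> List[int]:
    """Indices of messages the initiator sends after the responder has expired the SA.

    The initiator keeps using the SA until its own believed lifetime is
    reached; the responder stops accepting once its enforced lifetime is
    reached. Anything sent in between is traffic into the void.
    """
    lost = []
    sent_so_far = 0
    for i, size in enumerate(sizes_kb):
        if sent_so_far >= outcome.initiator_believes_kb:
            break  # initiator would have rekeyed by now
        if sent_so_far >= outcome.responder_enforces_kb:
            lost.append(i)  # responder already deleted the SA
        sent_so_far += size
    return lost


if __name__ == "__main__":
    traffic = [1500] * 6  # constructed sample: six 1500 KB bursts
    good = negotiate(Peer("I", 10000), Peer("R", 4000))
    silent = negotiate(Peer("I", 10000), Peer("R", 4000, notify_peer=False))
    deaf = negotiate(Peer("I", 10000, honor_notify=False), Peer("R", 4000))
    for label, o in (("both well-behaved", good),
                     ("responder enforces silently", silent),
                     ("initiator ignores notify", deaf)):
        print(f"{label}: window={o.dangling_window_kb} KB, "
              f"lost messages={messages_on_dead_sa(o, traffic)}")
```

The two failure modes in the thread are symmetric in this model: a responder that enforces a lifetime it never announced and an initiator that ignores the announced one leave exactly the same window, which is why the reply answers "Ditto" to both.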