[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: dynamic ports vs. rekeying

To: IP Security List <ipsec@lists.tislabs.com>
Subject: Re: dynamic ports vs. rekeying
From: Henry Spencer <henry@spsystems.net>
Date: Sat, 6 Apr 2002 00:54:17 -0500 (EST)
In-Reply-To: <001601c1dcfd$91bca320$1e72788a@ca.alcatel.com>
Sender: owner-ipsec@lists.tislabs.com

On 5 Apr 2002, Andrew Krywaniuk wrote:
> On the subject of rekeying, I agree that using the old phase 1s until they
> expired (as specified in draft-jenkins) didn't work, but the immediate
> switch-over in draft-specncer is too hasty.

I assume you're speaking in the context of rekeying which also plays games
with selectors?  Without that, we have extensive operational proof that
the immediate cutover works just fine... 

                                                          Henry Spencer
                                                       henry@spsystems.net

Follow-Ups:
- RE: dynamic ports vs. rekeying
  - From: "Andrew Krywaniuk" <andrew.krywaniuk@alcatel.com>

References:
- dynamic ports vs. rekeying
  - From: "Andrew Krywaniuk" <andrew.krywaniuk@alcatel.com>

Prev by Date: Re: Is TS agreement necessary?
Next by Date: No Subject
Prev by thread: RE: dynamic ports vs. rekeying
Next by thread: RE: dynamic ports vs. rekeying
Index(es):
- Date
- Thread