[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Three fields: cookie, nonce, and SPI
On Monday, December 2, 2002, at 10:50 AM, Michael Richardson wrote:
> Would it be reasonable to keep the same SPI# as a *persistent*
> connection
> identifier? i.e. that remains the same across rekeys?
> it also makes is much more clear what one is deleting.
I like this suggestion a lot! It would be a big help to REQUIRE this
across rekeys.
I also agree with Radia's assessment that it would be good to have
individual fields as you're very likely to want to derive SPI's using a
different mechanism than you'd use to generate the anti-clogging tokens
(cookies).
Derrell