[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Text suggestion on computing keymat for rekey

To: "jpickering@creeksidenet.com" <jpickering@creeksidenet.com>
Subject: Re: Text suggestion on computing keymat for rekey
From: Bill Sommerfeld <sommerfeld@east.sun.com>
Date: Tue, 25 Mar 2003 14:19:20 -0500
cc: ipsec@lists.tislabs.com
In-Reply-To: Your message of "Tue, 25 Mar 2003 13:24:15 EST." <3E809ECF.7070902@creeksidenet.com>
Reply-to: sommerfeld@east.sun.com
Sender: owner-ipsec@lists.tislabs.com

> "For purposes of computing keying material for the rekeyed SA, the 
> original initiator
> of the SA is to be considered initiator of the rekeyed SA."

I may well have been part of the same hallway discussion.  One of the
other conclusions that this group came to was that it was somewhere
between extremely helpful and absolutely necessary to add an attribute
in the negotiation which specifically called out *which* SA was being
rekeyed/replaced.  (All you'd need is the SPI of the previous SA).

I hope this also isn't controversial.

						- Bill

Follow-Ups:
- Re: Text suggestion on computing keymat for rekey
  - From: Michael Richardson <mcr@sandelman.ottawa.on.ca>

References:
- Text suggestion on computing keymat for rekey
  - From: "jpickering@creeksidenet.com" <jpickering@creeksidenet.com>

Prev by Date: Text suggestion on computing keymat for rekey
Next by Date: Re: me tarzan- me jane suggested text change
Prev by thread: Text suggestion on computing keymat for rekey
Next by thread: Re: Text suggestion on computing keymat for rekey
Index(es):
- Date
- Thread