COPS key management question
- To: rap@ops.ietf.org
- Subject: COPS key management question
- From: vinay <mietf@yahoo.com>
- Date: Fri, 12 Jan 2001 07:10:42 -0800 (PST)
- Delivery-date: Fri, 12 Jan 2001 07:11:03 -0800
- Envelope-to: rap-data@psg.com
Hi
Section 4.2 (Key Maintenance) in RFC 2748 mentions:

It is good practice to regularly change keys. Keys MUST be configurable such that their lifetimes overlap allowing smooth transitions between keys. At the midpoint of the lifetime overlap between two keys, senders should transition from using the current key to the next/longer-lived key. Meanwhile, receivers simply accept any identified key received within its configured lifetime and reject those that are not.

Does this mean that every time a key is changed, the open session should be closed and the security and sequence number negotiation be done again (i.e. by reconnecting and sending an OPN message with the new key id in the integrity object after closing the previous session ...)?
Thanks,
Vinay
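
The rollover rule quoted from RFC 2748 Section 4.2 in the message above, as an added example that is not part of the original post or of any COPS implementation: the sender switches keys at the midpoint of the lifetime overlap, while the receiver accepts any key that is inside its configured lifetime. The `Key` class, the function names and the lifetimes are assumptions constructed for illustration.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Key:
    key_id: int      # value carried in the Integrity object's Key ID field
    not_before: int  # configured lifetime start (constructed, in seconds)
    not_after: int   # configured lifetime end


def in_lifetime(key, now):
    return key.not_before <= now <= key.not_after


def sender_key(keys, now):
    """Pick the key a sender should sign with at time `now`."""
    valid = sorted((k for k in keys if in_lifetime(k, now)),
                   key=lambda k: k.not_after)
    if not valid:
        raise LookupError("no key is within its configured lifetime")
    current, longer_lived = valid[0], valid[-1]
    if current is longer_lived:
        return current  # only one usable key, nothing to transition to
    # The overlap runs from the later start to the earlier end.
    overlap_start = max(current.not_before, longer_lived.not_before)
    overlap_end = min(current.not_after, longer_lived.not_after)
    midpoint = (overlap_start + overlap_end) / 2
    # Before the midpoint keep the current key, from the midpoint on use
    # the next/longer-lived key.
    return longer_lived if now >= midpoint else current


def receiver_accepts(keys, key_id, now):
    """Accept any identified key received within its configured lifetime."""
    return any(k.key_id == key_id and in_lifetime(k, now) for k in keys)


# Constructed sample: key 1 is valid 0..1000, key 2 is valid 800..2000,
# so the overlap is 800..1000 and its midpoint is 900.
KEYS = [Key(1, 0, 1000), Key(2, 800, 2000)]

if __name__ == "__main__":
    for t in (500, 850, 900, 1500):
        print(t, "sender uses key", sender_key(KEYS, t).key_id)
    # During the overlap the receiver accepts both keys.
    print(receiver_accepts(KEYS, 1, 950), receiver_accepts(KEYS, 2, 850))
```

The sketch models only key selection and acceptance over time; it does not address the session question asked in the message.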