key change for TCP-MD5
Iljitsch van Beijnum
iljitsch at muada.com
Tue Jun 20 19:16:05 UTC 2006
On 20-jun-2006, at 21:12, Bora Akyol wrote:
> The draft allows you to have a set of keys in your keychain and
> the implementation tries all of them before declaring the segment
> as invalid.
> No time synchronization required. No BGP message required.
What if we agree to change the key on our BGP session, I add the new
key on my side and start sending packets using the new key, while you
don't have the new key in your configuration yet?
More information about the NANOG
mailing list