key change for TCP-MD5

• Previous message (by thread): key change for TCP-MD5
• Next message (by thread): key change for TCP-MD5
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 20-jun-2006, at 21:12, Bora Akyol wrote:

> The draft allows you to have a set of keys in your keychain and
> the implementation tries all of them before declaring the segment
> as invalid.

> No time synchronization required. No BGP message required.

What if we agree to change the key on our BGP session, I add the new  
key on my side and start sending packets using the new key, while you  
don't have the new key in your configuration yet?

• Previous message (by thread): key change for TCP-MD5
• Next message (by thread): key change for TCP-MD5
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]