Re: Some questions about "SSH Transport Layer Encryption Modes"

To: Peter Gutmann <pgut001%cs.auckland.ac.nz@localhost>
Subject: Re: Some questions about "SSH Transport Layer Encryption Modes"
From: Markus Friedl <markus%openbsd.org@localhost>
Date: Thu, 16 Oct 2003 10:29:14 +0200

On Thu, Oct 16, 2003 at 07:36:48PM +1300, Peter Gutmann wrote:
> - Section 3 talks about re-keying, but there seems to be some ambiguity in
>   implementations about how to handle re-keying (specifically, what to do with
>   data flows in progress when the re-key happens).  How viable is the re-
>   keying approach really?

i think this has been discussed before. during
rekeying (after KEXINIT is sent), only kex exchange related
messages are allowed, so application data has to wait.

References:
- Some questions about "SSH Transport Layer Encryption Modes"
  - From: Peter Gutmann

Prev by Date: Some questions about "SSH Transport Layer Encryption Modes"
Next by Date: Russ Housley: IESG comments on draft-ietf-secsh-auth-kbdinteract-05.txt
Previous by Thread: Some questions about "SSH Transport Layer Encryption Modes"
Next by Thread: Re: Some questions about "SSH Transport Layer Encryption Modes"
Indexes:

Home | Main Index | Thread Index | Old Index