Re: Some questions about "SSH Transport Layer Encryption Modes"

To: Derek Fawcus <dfawcus%cisco.com@localhost>
Subject: Re: Some questions about "SSH Transport Layer Encryption Modes"
From: Bill Sommerfeld <sommerfeld%east.sun.com@localhost>
Date: Thu, 23 Oct 2003 19:07:21 -0400

> So one would have:
> 
> NONBLOCK_REKEY(response=FALSE), KEXINIT, ...
> 
> and expect back one of:
> 
> NONBLOCK_REKEY(response=TRUE),  NEWKEYS, ...
> UNIMPLEMENTED, NEWKEYS, ...
> NEWKEYS, ...
> 
> Thoughts?

Can this be done asynchronously, early during connection negotiation
(or perhaps well before the rekey is needed)?  That way, you won't
hang waiting for a response which might never arrive...

					- Bill

Follow-Ups:
- Re: Some questions about "SSH Transport Layer Encryption Modes"
  - From: Derek Fawcus

References:
- Re: Some questions about "SSH Transport Layer Encryption Modes"
  - From: Derek Fawcus

Prev by Date: comment on draft-ietf-secsh-transport-16.txt
Next by Date: Re: Some questions about "SSH Transport Layer Encryption Modes"
Previous by Thread: Re: Some questions about "SSH Transport Layer Encryption Modes"
Next by Thread: Re: Some questions about "SSH Transport Layer Encryption Modes"
Indexes:

Home | Main Index | Thread Index | Old Index