nanog mailing list archives
RE: key change for TCP-MD5
From: "David Schwartz" <davids () webmaster com>
Date: Thu, 22 Jun 2006 15:19:11 -0700
How often do you think keys should change?
Arguably, any time someone who had access to the key is no longer supposed to have such access.
I've never had anyone ask to change keys for about 50 session-years.
I guess the question the question is whether that's because they really never needed to, really didn't think about, or really didn't want to suffer the hassle and so just accepted the risk. DS
Current thread:
- Re: key change for TCP-MD5, (continued)
- Re: key change for TCP-MD5 Jared Mauch (Jun 19)
- Re: key change for TCP-MD5 Steven M. Bellovin (Jun 19)
- Re: key change for TCP-MD5 Iljitsch van Beijnum (Jun 19)
- Re: key change for TCP-MD5 Randy Bush (Jun 19)
- Re: key change for TCP-MD5 Iljitsch van Beijnum (Jun 19)
- Re: key change for TCP-MD5 Randy Bush (Jun 19)
- Re: key change for TCP-MD5 Iljitsch van Beijnum (Jun 19)
- Re: key change for TCP-MD5 Edward B. DREGER (Jun 19)
- Message not available
- Re: key change for TCP-MD5 Steven M. Bellovin (Jun 22)
- Re: key change for TCP-MD5 Iljitsch van Beijnum (Jun 22)
- RE: key change for TCP-MD5 David Schwartz (Jun 22)
- Re: key change for TCP-MD5 Iljitsch van Beijnum (Jun 20)
- Re: key change for TCP-MD5 Randy Bush (Jun 20)
- Re: key change for TCP-MD5 Iljitsch van Beijnum (Jun 20)
- Re: key change for TCP-MD5 Crist Clark (Jun 20)
- Re: key change for TCP-MD5 Richard A Steenbergen (Jun 20)
- Re: key change for TCP-MD5 Warren Kumari (Jun 20)