Matthias Drochner <M.Drochner%fz-juelich.de@localhost> writes: >> But the key >> question is what the other implementions do, and what the standard says. > > I've just tried OpenBSD's isakmpd (the oldish version in pkgsrc). > It initiates a Phase 2 exchange if the soft timeout on its > side expires, even if it was responder initially. (It randomizes > the soft timeouts to minimize the chance that both sides start > the exchange simultanously.) > PFC2409 says that both sides can initiate rekeying. "Can" -- > this is not much of a guideline for implementors. True, but it seems the original responder initiating a renegotiation is the only reasonable behavior. >> I can see the argument that especially with a 24h or less >> lifetime, AES doesn't need volume-based rekeying. > > OK, I was more concerned about interoperability. What if > the other side insists in some volume limit? Then I think it's in the proposal, and agreed to or not. But if the other side just asks to renew the phase 2 sa, I think that works, standards wise, and might actually work.
Description: PGP signature