Hi Bird people,

When specifying passwords for protocol authentication in the Bird config, it is possible to specify time windows in which the password will be used to sign messages (the 'generate from/to' configuration options), and a separate time window in which that password will be accepted to authenticate a packet (the 'accept from/to' options).

My question is this: What is the purpose of having these two time intervals be separate? I.e., in what deployment scenario is it useful to have a password be accepted to authenticate a message, without also using that password to sign outgoing messages?

This question came out of a discussion around whether we should standardise a similar feature in the Babel RFCs. As you can see, I'm struggling a little to come up with a definite use case:

https://mailarchive.ietf.org/arch/msg/babel/XOahz4fuXXs-nHO4NMGdBwU8AZo

-Toke
