Hi Curtis,
You might want to say "for doing *session* key rollovers". The persistant key rollover would need a different mechanism.
I had actually meant a persistant key rollover. Why would this mechanism not work there?
Assume A and B are speaking to each other and A now wants to move to a different key. All it needs to do is to generate a new Nonce that will be fed into the KDF that B will use to generate the new traffic key.
Also note that the keys used in this proposal will not be symmetrical. Cheers, Manav _______________________________________________ OSPF mailing list [email protected] https://www.ietf.org/mailman/listinfo/ospf
