I Agree, I think it's important to be able to do key refresh although there are some cases that won't need it.
Cullen On Feb 25, 2010, at 4:56 AM, Konstantinos Birkos wrote: > Dear all, > > I would like to discuss the possibility of periodically refreshing the keying > material of the participating peers in the overlay as well as certificate > revocation in case malicious activity is detected. > I am talking about each peer periodically creating new public/private key > pairs and producing or receiving new certificates that bind its NodeID to the > new public keys. A key refresh mechanism would put a barrier to attackers who > could have compromised certain peers and would make attacks based on > cryptanalysis tools even more difficult. > We are actually developing a mechanism and we would like to discuss its > applicability and its importance with the WG. > > Kind Regards, > Konstantinos Birkos > -- > Konstantinos Birkos > PhD Candidate > Wireless Telecommunication Laboratory > Department of Electrical and Computer Engineering > University of Patras > Patras, Greece > Tel.: +30 2610 996465 > > _______________________________________________ > P2PSIP mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/p2psip Cullen Jennings For corporate legal information go to: http://www.cisco.com/web/about/doing_business/legal/cri/index.html _______________________________________________ P2PSIP mailing list [email protected] https://www.ietf.org/mailman/listinfo/p2psip
