Re: [TLS] Babel-HMAC [was: are we holding TLS wrong?]

2018-11-14 Thread Juliusz Chroboczek
>> Unless I've missed something -- they are not, assuming you have
>> a sufficiently strong random number generator. The challenge mechanism
>> rebuilds the shared state in a secure manner, and the index mechanism
>> ensures that an (index, seqno) pair is never reused.

> I had a really hard time

Re: [TLS] Are we holding TLS wrong?

2018-11-13 Thread Juliusz Chroboczek
> - s2.5 Not sure what the ceremonies around flushing a neighbor are,
> but I'd make explicit signalling EOD at least a SHOULD? It seems more
> polite :-)
>

I agree, I upgraded politeness to a SHOULD. Note however that a neighbour is usually discarded when we lose too many Hellos

Re: [TLS] Are we holding TLS wrong?

2018-11-13 Thread Juliusz Chroboczek
> Yep, all of which speaks to some serious shortcomings of the
> HMAC-based protocol.

The scope of Babel-HMAC is deliberately limited. Babel-HMAC aims to implement the strict minimum of features that make it useful. Any deployment that needs features beyond what Babel-HMAC provides should use

Re: [TLS] Are we holding TLS wrong?

2018-11-09 Thread Juliusz Chroboczek
> I'm somewhat dismayed by the firm recommendation to use the HMAC
> mechanism,

Yeah, this could probably be loosened somewhat.

> which doesn't seem particularly robust.

It's designed to be fairly robust. Of course, we may have done things wrong.

> Offhand, it seems like replays are possible