On 7/6/2011 7:29 AM, Randy Bush wrote:
>>> e.g., if 2 signs with a time and 3 signs with a time, 3 can still replay
>>> within 2's window, which one presumes is about as wide as 1's window.
>>> no gain, non-trivial pain.
>> Because 2 would know its local conditions, and may set the timer
>> shorter.
>
> except 2 had already disconnected from 3. way too much noise for too
> little gain.
No -- if 2 knows the situation with 3 is problematic, it can reduce the timer on that path. What you're saying is that the originator should control the rate at which connectivity and policy should be allowed to change farther down the graph, because, well, it's too much trouble to do otherwise. What I'm saying is this is an unacceptable tradeoff -- if the point is to provide security, then provide security at every hop.

Russ

_______________________________________________
sidr mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/sidr
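As an added illustration of the replay-window argument in this exchange (example code, not from the thread or from any BGPsec implementation): a constructed model in which each AS on the path signs the update with its own expiry, and a receiver accepts a (possibly replayed) update only while every hop's window is still open. The window sizes, AS numbers and timestamps are assumed values chosen to show the two cases the thread debates, AS2 matching AS1's window versus AS2 shortening its timer on the path toward AS3.

```python
# Constructed model of per-hop expiry in a signed routing update.
# It is not BGPsec code; it only shows how a hop's own expiry bounds
# how long a downstream neighbour can replay the update.
from dataclasses import dataclass


@dataclass(frozen=True)
class HopSig:
    asn: int          # AS that added this signature
    expires_at: int   # constructed absolute time at which this hop's signature lapses


def accepted(path: list[HopSig], now: int) -> bool:
    """Receiver rule: the update is valid only while EVERY hop's window is open.

    A replay by a hop further down the graph therefore stops being accepted
    as soon as any earlier hop's expiry passes, not only the originator's.
    """
    return all(now < hop.expires_at for hop in path)


def replay_horizon(path: list[HopSig]) -> int:
    """Last instant at which a replay of this update would still be accepted."""
    return min(hop.expires_at for hop in path)


def build_path(t0: int, origin_window: int, as2_window: int) -> list[HopSig]:
    """AS1 originates at t0; AS2 re-signs toward AS3 with its own window.

    origin_window is AS1's expiry; as2_window is the timer AS2 chooses
    (assumed values, e.g. a day vs. an hour, in seconds).
    """
    return [HopSig(1, t0 + origin_window), HopSig(2, t0 + as2_window)]


if __name__ == "__main__":
    DAY, HOUR = 86_400, 3_600
    # Case A: AS2's window is "about as wide as 1's" -> replay lives a full day.
    same = build_path(0, DAY, DAY)
    # Case B: AS2 judges the path to AS3 problematic and shortens its timer.
    short = build_path(0, DAY, HOUR)
    for label, path in (("AS2 window = origin window", same), ("AS2 window = 1h", short)):
        print(f"{label}: replay accepted until t={replay_horizon(path)}")
    # AS2 disconnects from AS3 after 30 minutes; AS3 tries to replay at 2h.
    print("replay at t=7200 accepted (same windows):", accepted(same, 2 * HOUR))
    print("replay at t=7200 accepted (short window):", accepted(short, 2 * HOUR))
```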
