> reports of current ISP behavior wrt TCP MD5 keys seems to be that they > currently decide never to change keys at all, ironically.
currently, you would have to synch simultaneous config changes at both ends of the wire, not reasonable. and, instead of vendors doing the simple hack of rfc 4808, we've been waiting five+ years for the promised nirvana of tcp-ao. a kewpie doll for the first person who can cite a real deployed tcp-ao implementation. randy _______________________________________________ sidr mailing list [email protected] https://www.ietf.org/mailman/listinfo/sidr
