> Yes, you'd need implausible to impossible lifetimes of the client/server
> pairing for these to ever become a problem. But again, when key rollover
> gets implemented as indicated in the RFC, those will stop being useful on the
> second rollover.

What stops being useful when K rolls over is old cookies.

C2S and S2C are used to authenticate the packets and also to encrypt new replacement cookies from server to client. There is no roll over mechanism for C2S or S2C. They get refreshed if you go through NTS-KE again, but that doesn't happen during normal operations. You need to do something like drop 8 packets in a row.

--
These are my opinions. I hate spam.

_______________________________________________
devel mailing list
devel@ntpsec.org
http://lists.ntpsec.org/mailman/listinfo/devel
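
The distinction drawn in this message, as an added example that is not part of the original post or of NTPsec's code: a server master key K that rolls over invalidates old cookies, while the C2S/S2C pair carried inside each cookie stays the same until NTS-KE is rerun. The `Server` class, `seal`/`open_` and the one-byte key id are hypothetical, the sealing is a toy stand-in for the real AEAD, and keeping exactly the current and one previous K is an assumption taken from the "second rollover" remark in the quoted text.

```python
import hashlib, hmac, os

def seal(key, pt):
    # Toy encrypt-then-MAC stand-in for the real AEAD (assumption, not NTS's cipher).
    nonce = os.urandom(16)
    ks = hashlib.shake_256(b"enc" + key + nonce).digest(len(pt))
    ct = bytes(a ^ b for a, b in zip(pt, ks))
    return nonce + ct + hmac.new(key, nonce + ct, hashlib.sha256).digest()

def open_(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    want = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, want):
        return None
    ks = hashlib.shake_256(b"enc" + key + nonce).digest(len(ct))
    return bytes(a ^ b for a, b in zip(ct, ks))

class Server:
    def __init__(self):
        self.keys, self.next_id = {}, 0   # key id -> master key K
        self.rollover()

    def rollover(self):
        self.keys[self.next_id] = os.urandom(32)
        self.keys.pop(self.next_id - 2, None)   # keep current + one previous K
        self.next_id += 1

    def new_cookie(self, c2s, s2c):
        kid = self.next_id - 1
        return bytes([kid]) + seal(self.keys[kid], c2s + s2c)

    def handle(self, cookie):
        k = self.keys.get(cookie[0])
        pt = open_(k, cookie[1:]) if k else None
        if pt is None:
            return None                   # client has to go through NTS-KE again
        c2s, s2c = pt[:32], pt[32:]
        # The replacement cookie is sealed under the current K but carries
        # the very same C2S/S2C: the session keys themselves never roll over.
        return c2s, s2c, self.new_cookie(c2s, s2c)

def demo():
    srv = Server()
    c2s, s2c = os.urandom(32), os.urandom(32)   # constructed; fixed once by NTS-KE
    old = srv.new_cookie(c2s, s2c)
    srv.rollover()
    r1 = srv.handle(old)        # one rollover later: old cookie still accepted
    srv.rollover()
    r2 = srv.handle(old)        # second rollover: its K is gone, cookie rejected
    r3 = srv.handle(r1[2])      # replacement cookie: same C2S/S2C recovered
    return r1[:2] == (c2s, s2c), r2 is None, r3[:2] == (c2s, s2c)
```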