> On Mar 21, 2023, at 5:26 PM, Alan DeKok <[email protected]> wrote:
>
>>> What if there's no auth method, or auth-type==simple?
>>
>> Another argument for a separate numbering space.
>
> I think that's the best approach.
>
>>> It just keeps going. The sequence number isn't used to derive the 32-bit
>>> Auth-Keys taken from ISAAC. So wrapping doesn't matter to it.
>>
>> I may be confused here.
>>
>> The current sequence number is 2^32 -1, we're on page X for ISAAC.
>> The sequence number wraps to 0 next round. ISAAC would normally generate
>> another page.
>> The index into that page is 0 rather than 2^32 at the API level.
>
> I think the misconception here is that the ISAAC pages depend on the
> sequence numbers. They don't.

I grok it, although I suspect we're speaking past each other.

To save time, what I'd suggest is that if your coauthors agree that discrete
sequence numbers in BFD per auth type (and auth type details, like seed), write
up some text that describes that. It's a change vs. the incompletely specified
procedures for authentication in the main RFC 5880 text.

Once that's done and verbiage reviewed, I think we may be ready to proceed with
WGLC.

-- Jeff