On Mon, Jul 04, 2016 at 05:03:12PM +0300, Ilari Liusvaara wrote: > - KeyUpdate does not work in DTLS. Might just use epochs for similar > purpose, and reserve first few epochs for special purposes.
Eeh... Epochs have the problem that processing records with epochs far into the future is expensive (even to reject records in failed MAC check). This problem didn't turn out to be trivial... :-/ -Ilari _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
