[AFS3-std] rxgk: Rekeying
Jeffrey Hutzelman
jhutz@cmu.edu
Sun, 22 Nov 2009 22:22:15 -0500
--On Wednesday, October 14, 2009 08:56:40 AM -0400 Chaskiel Grundman
<cg2v@andrew.cmu.edu> wrote:
> Does there necessarily have to be a transparent rekeying operation? Why
> not just have the application layer return VICETOKENDEAD or some such and
> have the client create a new connection (the cm already has code for
> this...)
That was the original intent, so far as I can remember.
We (Jeff Altman, Love, and I) actually discussed the possibility of
allowing for rekeying, and decided it wasn't worth the effort. If either
party wants to enforce a maximum key life, in time or bytes, he can simply
refuse to use the connection after that.