[AFS3-std] rxgk: Rekeying

[Chaskiel Grundman]

Does there necessarily have to be a transparent rekeying operation? Why 
not just have the application layer return VICETOKENDEAD or some such and 
have the client create a new connection (the cm already has code for 
this...)

> When the other end receives packets with a later version
> number, it should start sending using a key with that version number, 
> too.
Since my earlier suggestion will undoubtedly lose out....
This should only happen if packets bearing new key version numbers are 
successfully validated. an attacker should not be able to change which key 
one side is using... Also, the size of the key version number space and 
what happens when all available key versions are exhausted should be 
documented.