Re: [Ipsec] Reauthentication in IKEv2

To: Geoffrey Huang <ghuang at cisco.com>
Subject: Re: [Ipsec] Reauthentication in IKEv2
From: Bill Sommerfeld <sommerfeld at sun.com>
Date: Wed, 10 Nov 2004 20:58:59 -0500
Cc: ipsec at ietf.org, Pasi.Eronen at nokia.com, Yoav Nir <ynir at checkpoint.com>, Tero Kivinen <kivinen at iki.fi>
In-reply-to: <4192C00B.2010802@cisco.com>
List-help: <mailto:ipsec-request@ietf.org?subject=help>
List-id: IP Security <ipsec.ietf.org>
List-post: <mailto:ipsec@ietf.org>
List-subscribe: <https://www1.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www1.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=unsubscribe>
References: <125EA890549C8641A72F3809CB80DCCD17839D@esebe056.ntc.nokia.com> <16773.63589.716356.612414@fireball.kivinen.iki.fi> <DD131697-2BED-11D9-B089-000A95834BAA@checkpoint.com> <4187D91E.2090703@cisco.com> <C922EAD9-315E-11D9-B3C7-000A95834BAA@checkpoint.com> <4192C00B.2010802@cisco.com>
Sender: ipsec-bounces at ietf.org

On Wed, 2004-11-10 at 20:27, Geoffrey Huang wrote:

> I can see arguments from both sides, I guess.  Even with your re-auth 
> scheme, a value of "0" seconds could mean "do it now," right?

I'd think so; I'd also hope that the encoding should also allow for
"reauth in 8 hours" notifications as well.

As was pointed out in the secsh working group yesterday for a related
user-authentication timeout, there are also accessibility concerns here;
some people enter text *very* slowly; 3 minutes may not be sufficient
for some.  

						- Bill

_______________________________________________
Ipsec mailing list
Ipsec at ietf.org
https://www1.ietf.org/mailman/listinfo/ipsec

Follow-Ups:
- Re: [Ipsec] Reauthentication in IKEv2
  - From: Geoffrey Huang
- Re: [Ipsec] Reauthentication in IKEv2
  - From: Yoav Nir

References:
- RE: [Ipsec] Reauthentication in IKEv2
  - From: Pasi . Eronen
- RE: [Ipsec] Reauthentication in IKEv2
  - From: Tero Kivinen
- Re: [Ipsec] Reauthentication in IKEv2
  - From: Yoav Nir
- Re: [Ipsec] Reauthentication in IKEv2
  - From: Geoffrey Huang
- Re: [Ipsec] Reauthentication in IKEv2
  - From: Yoav Nir
- Re: [Ipsec] Reauthentication in IKEv2
  - From: Geoffrey Huang

Prev by Date: Re: [Ipsec] Reauthentication in IKEv2
Next by Date: Re: [Ipsec] Query for IPv6 ICV
Previous by thread: Re: [Ipsec] Reauthentication in IKEv2
Next by thread: Re: [Ipsec] Reauthentication in IKEv2
Index(es):
- Date
- Thread

Re: [Ipsec] Reauthentication in IKEv2

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.