> This is the present babel conf file format:
> key id key1 type sha1 value deadbeefdeadbeefdeadbeefdeadbeefdeadbeef
> key id key2 type sha1 value dea2f0d01a57b0071057a11da7adeadbeeff
> interface enp7s0 unicast false hmac key1
> interface wg1 hmac key2
Right. It currently cannot be updated
Toke Høiland-Jørgensen writes:
> Dave Taht writes:
>
>> On Wed, Nov 28, 2018 at 12:23 PM Toke Høiland-Jørgensen wrote:
>>>
>>> Dave Taht writes:
>>>
>>> > Toke Høiland-Jørgensen writes:
>>> >
>>> >> Dave Taht writes:
>>> >>
>>> >>> so we invent a new keyword "serial".
>>> >>
>>> >> So what
Dave Taht writes:
> On Wed, Nov 28, 2018 at 12:23 PM Toke Høiland-Jørgensen wrote:
>>
>> Dave Taht writes:
>>
>> > Toke Høiland-Jørgensen writes:
>> >
>> >> Dave Taht writes:
>> >>
>> >>> so we invent a new keyword "serial".
>> >>
>> >> So what you're trying to express here is the notion of
On Wed, Nov 28, 2018 at 12:23 PM Toke Høiland-Jørgensen wrote:
>
> Dave Taht writes:
>
> > Toke Høiland-Jørgensen writes:
> >
> >> Dave Taht writes:
> >>
> >>> so we invent a new keyword "serial".
> >>
> >> So what you're trying to express here is the notion of a "receive-only"
> >> key that
Dave Taht writes:
> Toke Høiland-Jørgensen writes:
>
>> Dave Taht writes:
>>
>>> so we invent a new keyword "serial".
>>
>> So what you're trying to express here is the notion of a "receive-only"
>> key that is not used for signing outgoing packets, right?
>
>
> No... the old key is retired
Toke Høiland-Jørgensen writes:
> Dave Taht writes:
>
>> so we invent a new keyword "serial".
>
> So what you're trying to express here is the notion of a "receive-only"
> key that is not used for signing outgoing packets, right?
No... the old key is retired from active use in the protocol
Dave Taht writes:
> so we invent a new keyword "serial".
So what you're trying to express here is the notion of a "receive-only"
key that is not used for signing outgoing packets, right? If so, I think
it would be better to express that explicitly as a property of the key
config that can be