Yup, when we were designing this mechanism we had discussed that Nonce must get updated each time a Session ID or something significant changes. It may have dropped out when converting that discussion into the draft format.
Cheers, Manav > -----Original Message----- > From: Sam Hartman [mailto:[email protected]] > Sent: Wednesday, February 02, 2011 6.32 PM > To: Rajesh Shetty > Cc: Bhatia, Manav (Manav); [email protected]; 'Sam Hartman'; [email protected] > Subject: Re: [OSPF] [karp] Security Extension for OSPFv2 when > using Manual KeyManagement > > It's quite possible that this bug exists in the current draft. I'll > check when I'm editing receiver behavior later today or the > next couple > of days. > > I think the issue is handled if we make sure that the nonce is updated > before a hello is accepted that would change the session ID. > I agree the current text does not say to do this. > however would it fix the problem? > > --Sam > _______________________________________________ OSPF mailing list [email protected] https://www.ietf.org/mailman/listinfo/ospf
