On 16 December 2015 at 14:57, Dave Garrett <davemgarr...@gmail.com> wrote:
> In fact, if we're OK with setting this rather low threshold, then we could 
> even get rid of the rekey signal entirely and just have an automatic rekey 
> after every 4GiB for all ciphers. That'd be one less complexity to deal with. 
> Rekeys would be routine.

I don't like automatic rekey (though I almost like the per-record
rekeying that I think was semi-facetiously suggested by someone).  An
explicit rekey allows for two things:
 - testing
 - reducing the limit if we find that the cipher is more busted than
we originally thought (with respect to key overuse)

_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
