"Against Rekeying"

[Stephan Neuhaus]

On Mar 23, 2010, at 22:42, Jon Callas wrote:

> If you need to rekey, tear down the SSL connection and make a new one. There should be a higher level construct in the application that abstracts the two connections into one session.

... which will have its own subtleties and hence probability of failure.

Stephan
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com