[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: isakmpd.conf question

To: Philipp Buehler <lists@fips.de>
Subject: Re: isakmpd.conf question
From: Hakan Olsson <ho@crt.se>
Date: Fri, 5 Jan 2001 15:01:24 +0100 (CET)
Cc: Tim Newsham <newsham@lava.net>, <tech@openbsd.org>

To expand slightly, and using the example from the isakmpd.conf(5) manual
page: (the default phase 1 and 2 lifetimes)

[General]
Default-phase-1-lifetime=       3600,60:86400
Default-phase-2-lifetime=       1200,60:86400

Here the initiator will propose 3600 seconds for a phase 1 negotiation,
and 1200 seconds for a phase 2.

If this isakmpd instead was the responder, it would accept any proposed
lifetime value between 60 and 86400 seconds, inclusive.

//Håkan

On Fri, 5 Jan 2001, Philipp Buehler wrote:

> On 04/01/2001, Tim Newsham <newsham@lava.net> wrote To tech@openbsd.org:
> > How do two peers agree on the rekeying time?  Do they
> > tell eachother their lifetimes and then pick the common
> > minimum in the min-max range?  Or do they just verify
> Any value is proposed by the initiator. The receiver agrees
> [based on its config] or not.
>

--
Håkan Olsson <ho@crt.se>        (+46) 708 437 337     Carlstedt Research
Unix, Networking, Security      (+46) 31 701 4264        & Technology AB

References:
- Re: isakmpd.conf question
  - From: Philipp Buehler <lists@fips.de>

Prev by Date: A Review of: ssh and my meat loaf!!
Next by Date: Re: The Talk: ssh - are you nuts!?!
Prev by thread: Re: isakmpd.conf question
Next by thread: Re: isakmpd.conf question
Index(es):
- Date
- Thread