Document key rotation

[DemiMarie]

It is unclear how an SPI can last longer than the underlying master key in the NIC. In particular, there must be a way for receiver-side software to communicate new keys to the sender, and for there to be enough overlap (where both new and old keys are allowed) to avoid packet drops.

[insanum]

A SPI will live as long as its original key is either in the master primary or secondary slots. Once there is a double rotation they yes, that SPI is junk. :-)

I agree that there should be some guidance on invoking key rotations and the communication between endpoints.

[DemiMarie]

Should this be part of PSP?

[insanum]

A protocol between endpoints for key rotation is outside PSP (as its defined now). Any wording on this would be similar to that stated about the initial handshake for communicating the shared secret key.

Clear guidance to when key rotation must occur should be provided. There is some text on this but it could probably be refined further.

[hlrichardson]

The document has been updated to indicate that rekeying is necessary with key rotation (although the details of key rotation are currently out of scope for the document).