[Babel-users] key rotation take #2

Toke Høiland-Jørgensen toke at toke.dk
Wed Nov 28 20:23:46 GMT 2018


Dave Taht <dave at taht.net> writes:

> Toke Høiland-Jørgensen <toke at toke.dk> writes:
>
>> Dave Taht <dave at taht.net> writes:
>>
>>> so we invent a new keyword "serial".
>>
>> So what you're trying to express here is the notion of a "receive-only"
>> key that is not used for signing outgoing packets, right?
>
>
> No... the old key is retired from active use in the protocol after
> consensus is achieved on the new key by the protocol, and not used
> again unless a router comes up with an unreadable hmac. In that case
> we go back to at least trying to verify (periodically?) that it's not
> using the old key (if we still have it around) and if it's using the
> old key, we go back to signing stuff with that key.
>
> Does that concept need to be in the protocol spec?

This reads to me like a specific operational procedure for deployment;
don't think that should go into the spec, no.

>> it would be better to express that explicitly as a property of the key
>> config that can be changed on a per-key basis. For one thing, 'serial'
>> is misleading as it sounds like something that affects the wire
>> format,
>
> OK. how about "new" and "old" as keywords? That implies two states and
> two states only. I liked 0 and X as numbers, so long as the ascending
> property is maintained. As for why not 0 and 1, see below.
>
> Totally open to bikeshedding the name. :) babeltowerno?

Don't care what they are called. My point is just that it's a property
of a particular key.

Bird already has this, BTW: each key can be set to "generate" signatures
and "accept" signatures, where the former puts them on the wire, and the
latter will accept packets signed with that key. You can set time ranges
for each or both. See
https://bird.network.cz/?get_doc&v=20&f=bird-3.html (search for
"password option"). The Babel HMAC implementation inherits this.

-Toke
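As an added illustration of the per-key "generate"/"accept" model described above (my own example, not code from this thread, from Bird or from the Babel HMAC implementation): each key carries its own generate and accept windows, a sender signs with whichever key may generate now, and a receiver accepts any key whose accept window is open, so a lagging peer on the old key keeps working until the old key is retired. The key ids, secrets, timestamps and the highest-id tie-break are assumptions.

```python
import hashlib
import hmac
from dataclasses import dataclass
from typing import Optional

@dataclass
class Key:
    # generate/accept windows are [start, end) in seconds; None = unbounded on that side
    key_id: int
    secret: bytes
    generate_from: Optional[int] = None
    generate_until: Optional[int] = None
    accept_from: Optional[int] = None
    accept_until: Optional[int] = None

def _in_window(now, start, end):
    return (start is None or now >= start) and (end is None or now < end)

def sign(keyring, now, packet):
    """Sign with a key whose generate window covers now; if several qualify,
    the highest key_id wins (a tie-break assumed here, not taken from Bird)."""
    active = [k for k in keyring if _in_window(now, k.generate_from, k.generate_until)]
    if not active:
        raise RuntimeError("no key is allowed to generate signatures now")
    key = max(active, key=lambda k: k.key_id)
    return key.key_id, hmac.new(key.secret, packet, hashlib.sha256).digest()

def verify(keyring, now, packet, key_id, mac):
    """Accept only if the named key exists, its accept window covers now,
    and the HMAC matches (constant-time compare)."""
    for k in keyring:
        if k.key_id == key_id and _in_window(now, k.accept_from, k.accept_until):
            expected = hmac.new(k.secret, packet, hashlib.sha256).digest()
            return hmac.compare_digest(expected, mac)
    return False

# Constructed rotation plan: accept the new key before anyone generates with it,
# and stop generating with the old key before anyone stops accepting it.
T_ACCEPT_NEW, T_CUTOVER, T_RETIRE_OLD = 100, 200, 300
KEYRING = [
    Key(1, b"old-secret", generate_until=T_CUTOVER, accept_until=T_RETIRE_OLD),
    Key(2, b"new-secret", generate_from=T_CUTOVER, accept_from=T_ACCEPT_NEW),
]

def rotation_trace(packet=b"babel-update"):
    """Per phase: which key this router signs with, and whether a packet from a
    lagging peer that still signs with the old key is accepted."""
    stale_mac = hmac.new(b"old-secret", packet, hashlib.sha256).digest()
    return {name: (sign(KEYRING, now, packet)[0], verify(KEYRING, now, packet, 1, stale_mac))
            for name, now in (("before", 50), ("overlap", 150), ("cutover", 250), ("retired", 350))}
```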
