[Babel-users] MAC rekeying in babeld and information model

[Juliusz Chroboczek]

> Since that revision has Boolean (true/false) parameters of
> babel-key-use-sign and babel-key-use-verify (but not key-use with values
> of sign/verify/both), I did want to be sure we were talking about the
> right model revision.

The second part of my inquiry -- how does the information model enable
incremental deployment?  Section 5 of draft-ietf-babel-mac.

Toke, it would be helpful if we could understand what key-use is intended
for.  My personal opinion right now is that we should:

  - remove key-use from the draft;

  - add a per-interface configuration "allow-unauthentified", which, if set,
    causes all packets received on that interface to be accepted, whether
    signed, unsigned, or incorrectly signed.

Incremental deployment is an important feature, and I think that we need
to make really sure that the information model allows it.

-- Juliusz