Script updating gh-pages from 0998c2d. [ci skip]
ID Bot committed Sep 27, 2024
1 parent 57c300f commit e2dfee0
Showing 2 changed files with 3 additions and 2 deletions.
Expand Up @@ -1379,7 +1379,7 @@ <h2 id="name-current-methods-for-rekeyin">
</h2>
<p id="section-2-1">Two peers communicating using OSCORE may choose to renew their shared keying information by establishing a new OSCORE Security Context for a variety of reasons. A particular reason is approaching limits set for safe key usage <span>[<a href="#I-D.ietf-core-oscore-key-limits" class="cite xref">I-D.ietf-core-oscore-key-limits</a>]</span>. Practically, when the relevant limits have been reached for an OSCORE Security Context, the two peers have to establish a new OSCORE Security Context, in order to continue using OSCORE for secure communication. That is, the two peers have to establish new Sender and Recipient Keys, as the keys actually used by the AEAD algorithm.<a href="#section-2-1" class="pilcrow"></a></p>
<p id="section-2-2">In addition to approaching the key usage limits, there may be other reasons for a peer to initiate a key update procedure. These include: the OSCORE Security Context approaching its expiration time; application policies prescribing a regular key rollover; approaching the exhaustion of the Sender Sequence Number space in the OSCORE Sender Context.<a href="#section-2-2" class="pilcrow"></a></p>
<p id="section-2-3">It is <span class="bcp14">RECOMMENDED</span> that the peer initiating the key update procedure starts it with some margin, i.e., well before actually experiencing the trigger event forcing to perform a key update, e.g., the OSCORE Security Context expiration or the exhaustion of the Sender Sequence Number space. If the rekeying is not initiated ahead of these events, it may become practically impossible to perform a key update with certain methods.<a href="#section-2-3" class="pilcrow"></a></p>
<p id="section-2-3">It is <span class="bcp14">RECOMMENDED</span> that the peer initiating the key update procedure starts it with some margin, i.e., well before actually experiencing the trigger event forcing to perform a key update, e.g., the OSCORE Security Context expiration or the exhaustion of the Sender Sequence Number space. If the rekeying is not initiated ahead of these events, it may become practically impossible to perform a key update with certain methods, and/or without aborting ongoing message exchanges.<a href="#section-2-3" class="pilcrow"></a></p>
<p id="section-2-4">Other specifications define a number of ways for rekeying OSCORE, as summarized below.<a href="#section-2-4" class="pilcrow"></a></p>
<ul class="normal">
<li class="normal" id="section-2-5.1">
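Review bot: In the rewritten last sentence of section-2-3, "and/or without aborting ongoing message exchanges" attaches loosely to "impossible to perform a key update with certain methods", so it is unclear whether aborting exchanges is a second, independent consequence or a further condition on those same methods. Consider splitting the two cases, for example "it may become practically impossible to perform a key update with certain methods, or to perform it without aborting ongoing message exchanges." While this paragraph is being touched, "the trigger event forcing to perform a key update" in the preceding sentence is missing an object ("forcing it to perform").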
3 changes: 2 additions & 1 deletion christian-review-v08/draft-ietf-core-oscore-key-update.txt
Expand Up @@ -223,7 +223,8 @@ Table of Contents
Security Context expiration or the exhaustion of the Sender Sequence
Number space. If the rekeying is not initiated ahead of these
events, it may become practically impossible to perform a key update
with certain methods.
with certain methods, and/or without aborting ongoing message
exchanges.

Other specifications define a number of ways for rekeying OSCORE, as
summarized below.
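Review bot: The sentence ending "with certain methods, and/or without aborting ongoing message exchanges." names a new consequence, but "ahead of these events" still gives no indication of how far ahead, and "certain methods" is left for the reader to work out from the list that is "summarized below". Consider stating that the margin should leave room for ongoing message exchanges to complete before the expiration or Sender Sequence Number exhaustion, and pointing to the specific methods that become unusable, so an implementer has something concrete to size the margin against.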