> Detecting it is easy, sure. But I'm a bit lost on how you propose to
> 'use' it. The connection is active up until the next rekey event. If
> rekey offloading is supported, then this might never involve user space.
> But if it isn't (and I can't get rekey offload to work on any recent
> kernel I tried) then how do you propose userspace obtains the rekey
> counter, or the various keys used in the connection?
>
> What about all the other state information? FT, Pre-Authentication,
> etc?

Well, no, that'd only work with an open connection :)

johannes