I’m reading through the manual with a mobile workers scenario in mind. These mobile workers may join the network every day, but in rare scenarios they may not join for 6 months.
Section 2.1.2 talks about identities expiring after 60 days.
I assume that this expiry means that within the 60 days, if a new member attempts to join and just so happens to create an identity collision, then the root will tell it to generate another key pair as that identity is “in use”?
If a new member were to generate an identity which collided after the 60-day timeout, then this would presumably be accepted. This new member wouldn’t inherit Managed IPs, Tags and/or Capabilities from the original user with the same identity, would it? I assume that even though the VL1 identity matches, the private/public key pair is even less likely to match, so the new member would start from fresh? What does the network settings page do if two users have a VL1 identity collision: do they both display, or does the old member get replaced by the new user?
I understand that these possibilities are extremely unlikely, but I’m just trying to understand the underlying behaviour of the system in this event. As a side note, is it known just how likely this is? How many public key values can converge into a single 40-bit identity?