summary of feedback on replay cache collision avoidance proposal
Greg Hudson
ghudson at MIT.EDU
Tue Dec 30 19:02:43 EST 2008
On Tue, 2008-12-30 at 18:23 -0500, Tom Yu wrote:
> * General form of the extension encoding. We don't have to exactly
> specify how future extensions will work as long as we don't paint
> ourselves into a corner. I have suggested one (non-binary)
> alternative on the project proposal page. The extension for the
> hash currently includes a hash algorithm identifier, but I am not
> strongly attached to the idea.
I would prefer "HASH:" as the extension identification instead of just
"H:" but it's not a big deal. (It's just a little clearer; using "H:"
now does not restrict us to single-byte identifiers in the future.)
There should presumably be a null byte after the ciphertext.
More information about the krbdev
mailing list