summary of feedback on replay cache collision avoidance proposal

Tom Yu tlyu at MIT.EDU
Tue Dec 30 23:36:50 EST 2008

Greg Hudson <ghudson at MIT.EDU> writes:

> On Tue, 2008-12-30 at 18:23 -0500, Tom Yu wrote:
>> * General form of the extension encoding.  We don't have to exactly
>>   specify how future extensions will work as long as we don't paint
>>   ourselves into a corner.  I have suggested one (non-binary)
>>   alternative on the project proposal page.  The extension for the
>>   hash currently includes a hash algorithm identifier, but I am not
>>   strongly attached to the idea.
> I would prefer "HASH:" as the extension identification instead of just
> "H:" but it's not a big deal.  (It's just a little clearer; using "H:"
> now does not restrict us to single-byte identifiers in the future.)
> There should presumably be a null byte after the ciphertext.

Thanks; updated accordingly.

More information about the krbdev mailing list