summary of feedback on replay cache collision avoidance proposal

Tom Yu tlyu at MIT.EDU
Tue Dec 30 23:36:50 EST 2008


Greg Hudson <ghudson at MIT.EDU> writes:

> On Tue, 2008-12-30 at 18:23 -0500, Tom Yu wrote:
>> * General form of the extension encoding.  We don't have to exactly
>>   specify how future extensions will work as long as we don't paint
>>   ourselves into a corner.  I have suggested one (non-binary)
>>   alternative on the project proposal page.  The extension for the
>>   hash currently includes a hash algorithm identifier, but I am not
>>   strongly attached to the idea.
>
> I would prefer "HASH:" as the extension identification instead of just
> "H:" but it's not a big deal.  (It's just a little clearer; using "H:"
> now does not restrict us to single-byte identifiers in the future.)
>
> There should presumably be a null byte after the ciphertext.

Thanks; updated accordingly.


