Forwarding on behalf of Erica Portnoy. I agree, the uniqueness should be a MUST, but I think "high probability" should stay so random generation of nonces is acceptable. PR: https://github.com/ietf-wg-acme/acme/pull/289
-------- Forwarded Message -------- Subject: Generating nonces probabilistically in 6.4.1. Replay-Nonce Resent-Date: Fri, 24 Mar 2017 18:19:35 -0700 (PDT) Resent-From: [email protected] Resent-To: [email protected], [email protected], [email protected] Date: Fri, 24 Mar 2017 18:03:53 -0700 From: erica <[email protected]> To: [email protected] In section 6.4.1. Replay-Nonce, it states: "The server should generate the value provided in Replay-Nonce in such a way that they are unique to each message, with high probability." Should this not be: "The server MUST generate the value provided in Replay-Nonce in such a way that they are unique to each message." This is actually two separate items: - First, that the server must, not should, generate a unique Replay-Nonce. I can't imagine that we're ok with the spec allowing a server to come under replay attacks, so this should probably be MUST. - Second, do Replay-Nonces need to be certainly unique to each message? Or are we merely attempting to mostly rule out replay attacks? If we want to disable them completely, not just with extremely high probability, then we should remove "with high probability". Best, Erica Portnoy _______________________________________________ Acme mailing list [email protected] https://www.ietf.org/mailman/listinfo/acme
