By unique, does that mean statistically unique or verifiably unique? That is,
do I need store the nonce or can I just gin up a bunch of entropy of suitable
collision resistance? The latter is generally preferable.
Mike
Blaine Cook wrote:
+1. This is good.
On 19 November 2011 16:41, Eran Hammer
+1. This is good.
On 19 November 2011 16:41, Eran Hammer-Lahav wrote:
> We had a long discussion about what to use for the numerical component of
> the nonce string. I would like to suggest we use:
>
>
>
> nonce
>
> REQUIRED. A unique string generated by the client to allow the
>
>
We had a long discussion about what to use for the numerical component of the
nonce string. I would like to suggest we use:
nonce
REQUIRED. A unique string generated by the client to allow the
server to verify that a request has never been made before and
helps prev
