Rich Salz wrote: >>>Or use the trick we created for Identrus: make the nonce be the hash of >>>the document that made you first do the OCSP query. >> >>That doesn't prevent a replay attack, in general, of course. > > > If the document isn't public, then it's as good as arbitrary random bytes. > If the document *is* public, then it would be interesting to analyze what > "replay" would really mean given the timestamps within the OCSP message > itself.
I was unclear - I meant as a general technique it doesn't - it may well be that it does given the properties of certain protocols, though unless you are guaranteed to answer the same at all points in the future, I don't see how the timestamp helps. Cheers, Ben. -- http://www.apache-ssl.org/ben.html http://www.thebunker.net/ Available for contract work. "There is no limit to what a man can do or how far he can go if he doesn't mind who gets the credit." - Robert Woodruff ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]