As discussed we're looking at having a MIC token in the final message that indicates the checksum of everything in the last token.
Its format currently is:

* DER encoding of the mechanism OID
* 2 byte outer token type

Then for each inner token besides the MIC token:

* 4 byte type
* value of the token

In particular, the lengths of the subtokens are not included. I think we should either include the lengths in the MIC or have a convincing argument why you can't move bytes around between one subtoken and another by attacking the lengths.

I think this is safe; I'd appreciate it, though, if someone else would explain why they think it's safe and see if that matches up with my understanding. Alternatively, say that you want the length included.
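The question raised above, whether the MIC input by itself pins down the subtoken boundaries, as an added sketch that is not part of the original post or of any implementation. The OID, outer token type, key, subtoken types and values are constructed, HMAC-SHA256 stands in for the mechanism's MIC function, and the 4-byte big-endian length is an assumption.

```python
import hashlib
import hmac
import struct

# Constructed sample values; none come from the post or the mechanism's spec.
MECH_OID_DER = bytes.fromhex("06032a0304")  # placeholder DER OID 1.2.3.4
OUTER_TOKEN_TYPE = b"\x00\x01"              # placeholder 2-byte outer type
KEY = b"constructed-demo-key"


def mic_input(subtokens, include_length):
    """Serialize (type, value) subtokens in the layout the post lists.

    include_length=False: OID || outer type || (4-byte type || value)*
    include_length=True:  a 4-byte big-endian length follows each type
    (length width and byte order are assumptions of this sketch).
    """
    out = bytearray(MECH_OID_DER + OUTER_TOKEN_TYPE)
    for tok_type, value in subtokens:
        out += struct.pack(">I", tok_type)
        if include_length:
            out += struct.pack(">I", len(value))
        out += value
    return bytes(out)


def mic(subtokens, include_length):
    # HMAC-SHA256 is a stand-in for the mechanism's real MIC function.
    data = mic_input(subtokens, include_length)
    return hmac.new(KEY, data, hashlib.sha256).digest()


def collides(a, b, include_length):
    """True when two different subtoken lists produce the same MIC."""
    same = hmac.compare_digest(mic(a, include_length), mic(b, include_length))
    return a != b and same


# Two subtokens as sent, and a single subtoken whose value absorbs the
# second subtoken's type field and value (the boundary has moved).
AS_SENT = [(0x01, b"alice"), (0x02, b"bind")]
REGROUPED = [(0x01, b"alice" + struct.pack(">I", 0x02) + b"bind")]

if __name__ == "__main__":
    print("without lengths:", collides(AS_SENT, REGROUPED, False))
    print("with lengths:   ", collides(AS_SENT, REGROUPED, True))
```

A matching MIC for the regrouped list only shows that the length-free input does not encode boundaries by itself; whether that matters depends on the rest of the token processing, which this sketch does not model.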
