I agree with Jacob here. MUST seems appropriate, but requiring uniqueness absolutely imposes a constraint on server design that is so onerous that I would see it as impractical. (Also, the document doesn't really identify a scope for this uniqueness, which would probably be necessary if you had to avoid random generation.)
On 27 March 2017 at 16:46, Jacob Hoffman-Andrews <j...@eff.org> wrote: > Forwarding on behalf of Erica Portnoy. > > I agree, the uniqueness should be a MUST, but I think "high probability" > should stay so random generation of nonces is acceptable. PR: > https://github.com/ietf-wg-acme/acme/pull/289 > > > -------- Forwarded Message -------- > Subject: Generating nonces probabilistically in 6.4.1. Replay-Nonce > Resent-Date: Fri, 24 Mar 2017 18:19:35 -0700 (PDT) > Resent-From: alias-boun...@ietf.org > Resent-To: r...@ipv.sx, j...@eff.org, jdkas...@umich.edu > Date: Fri, 24 Mar 2017 18:03:53 -0700 > From: erica <er...@eff.org> > To: draft-ietf-acme-a...@ietf.org > > > > In section 6.4.1. Replay-Nonce, it states: "The server should generate > the value provided in Replay-Nonce in such a way that they are unique to > each message, with high probability." > > Should this not be: "The server MUST generate the value provided in > Replay-Nonce in such a way that they are unique to each message." > > This is actually two separate items: > - First, that the server must, not should, generate a unique > Replay-Nonce. I can't imagine that we're ok with the spec allowing a > server to come under replay attacks, so this should probably be MUST. > - Second, do Replay-Nonces need to be certainly unique to each message? > Or are we merely attempting to mostly rule out replay attacks? If we > want to disable them completely, not just with extremely high > probability, then we should remove "with high probability". > > Best, > Erica Portnoy > > > _______________________________________________ > Acme mailing list > Acme@ietf.org > https://www.ietf.org/mailman/listinfo/acme _______________________________________________ Acme mailing list Acme@ietf.org https://www.ietf.org/mailman/listinfo/acme