> > Can you suggest the correct wording? > > My current proposal is to apply this patch (a4d36684 on my github): > epoch || cid || start_time || key_number)) > </artwork> > </figure> > + <t>[[The PRF+ function defined in RFC 4402 specifies that the > values > + of the counter 'n' should begin at 1, for T1, T2, ... Tn. > + However, implementations of that PRF+ function for the > + gss_pseudo_random() implementation for the krb5 mechanism have > + disregarded that specification and started the counter 'n' from 0. > + Since there is no interoperability concern between krb5 > + gss_pseudo_random() and rxgk key derivation, implementations of > + the RFC 4402 PRF+ function for rxgk key derivation should use the > + RFC 4402 version as specified, that is, with the counter 'n' > beginning > + at 1.]]</t> > <t>L is the key generation seed length as specified in the RFC3961 > profile.</t> > <t>epoch, cid and key_number are passed as 32 bit quantities; > start_time
Thanks Ben, This looks fine to me, and hearing no objections, I think we should take this without another last call. Thanks, Mike -- Michael Meffie <[email protected]> _______________________________________________ AFS3-standardization mailing list [email protected] http://lists.openafs.org/mailman/listinfo/afs3-standardization
