Yo Achim! On Tue, 15 Jan 2019 19:16:54 +0100 Achim Gratz via devel <devel@ntpsec.org> wrote:
> Hal Murray via devel writes:
> >> While I don't know what the rationale was for the RFC, it still
> >> makes sense to provide a client with enough cookies so it can fire
> >> off the initial burst w/o re-keying even if all responses get
> >> lost.
> >
> > The NTS-KE section has a SHOULD return 8 keys, but only 1 is
> > required.
>
> An RFC has very specific language (it's explained at the start).
> "SHOULD" in all caps in this case essentially means that NTS-KE is
> strongly expected to serve 8 initial cookies, but a client must not
> fail if it doesn't. That's not a pass for implementing an NTS-KE
> which generally delivers only a single cookie or some other number
> below eight.
Umm, who are you arguing against? Did I miss someone suggest what you
are objecting to? I see no message referenced in your email to point
me at the OP of an idea like that.
RGDS
GARY
---------------------------------------------------------------------------
Gary E. Miller Rellim 109 NW Wilmington Ave., Suite E, Bend, OR 97703
g...@rellim.com Tel:+1 541 382 8588
Veritas liberabit vos. -- Quid est veritas?
"If you can’t measure it, you can’t improve it." - Lord Kelvin
pgpFVcN4Unctn.pgp
Description: OpenPGP digital signature
_______________________________________________ devel mailing list devel@ntpsec.org http://lists.ntpsec.org/mailman/listinfo/devel
