> I cant find that in the Proposed RFC. Got a citation? Bottom of page 21. Last paragraph of section 5.
> And what is the point of storing cookies and K/I pair together? The client > has no K/I pair. A server is to regenerate the cookies from K/I pairs. > Mixing the roles is bad. I didn't say anything about "together". Mixing the roles doesn't even make sense. The K/I on a system are for cookies that clients might use to talk to this server. The cookies that should get saved are for use when talking to remote servers. -- These are my opinions. I hate spam. _______________________________________________ devel mailing list devel@ntpsec.org http://lists.ntpsec.org/mailman/listinfo/devel
