On Wed, 23 Jul 2025 at 12:00, Alexander Clouter <alex+ietf=40coremem....@dmarc.ietf.org> wrote:

> On Wed, 23 Jul 2025, at 08:51, Alan DeKok wrote:
> >   I'm not sure what it's used for.  If it's just a random field, why
> > have this text:
> >
> >   The nonce in a request MUST have its least significant bit
> >   set to zero (0), and the nonce in a response MUST have the same
> >   value as the request nonce except the least significant bit MUST
> >   be set to one (1).
> >
> >   ?  If it's just a nonce, there should be no reason to set / clear that
> > bit.
>
> Maybe it was perceived as a simple way to remove any problem with looping
> back a request as a response.
>
> Not saying it is valid (or invalid).
>

I'd say more valid than invalid. The nonce does a round-trip but there's
that one bit difference in its value when it's used with cryptographic
calculations by the peer or the server. Even if the same value were safe,
it would be harder to call it a nonce in that case.

[cut a good summary of TEAPv1 document history]

-- 
Heikki Vatiainen
h...@radiatorsoftware.com
_______________________________________________
Emu mailing list -- emu@ietf.org
To unsubscribe send an email to emu-le...@ietf.org
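
The nonce rule quoted in the thread above, as an added example (not part of any message here and not code from the TEAP documents). It assumes a 32-octet nonce whose least significant bit is the low bit of the final octet; the function names are hypothetical, and toy_mac is a constructed stand-in for the real crypto-binding calculation, used only to show that the one-bit difference changes the MAC input.

```python
import hashlib
import hmac
import secrets

NONCE_LEN = 32  # assumption: 32-octet nonce, LSB = low bit of the last octet


def new_request_nonce() -> bytes:
    """Random nonce with the least significant bit cleared (request form)."""
    n = bytearray(secrets.token_bytes(NONCE_LEN))
    n[-1] &= 0xFE
    return bytes(n)


def response_nonce_for(request_nonce: bytes) -> bytes:
    """Same value as the request nonce, except the LSB is set to one."""
    if len(request_nonce) != NONCE_LEN or request_nonce[-1] & 1:
        raise ValueError("not a valid request nonce")
    return request_nonce[:-1] + bytes([request_nonce[-1] | 1])


def check_response_nonce(request_nonce: bytes, received: bytes) -> str:
    """Classify a nonce received in a response.

    'ok'        - request value with the LSB set
    'reflected' - our own request nonce looped back unchanged
    'mismatch'  - anything else
    """
    if len(received) != NONCE_LEN:
        return "mismatch"
    if hmac.compare_digest(received, request_nonce):
        return "reflected"
    if hmac.compare_digest(received, response_nonce_for(request_nonce)):
        return "ok"
    return "mismatch"


def toy_mac(key: bytes, nonce: bytes) -> bytes:
    """Stand-in MAC over the nonce only (not the TEAP compound MAC)."""
    return hmac.new(key, nonce, hashlib.sha256).digest()


if __name__ == "__main__":
    key = b"k" * 32  # constructed sample key
    req = new_request_nonce()
    resp = response_nonce_for(req)
    print(check_response_nonce(req, resp), check_response_nonce(req, req))
    print(toy_mac(key, req) != toy_mac(key, resp))
```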
