Many thanks for your review, Russ, and for thinking about this space and what issues there might be.
I too am concerned about the issue that Russ Housley raised: bad practices in creating the freshness tokens create a security issue. If this cannot be handled in the way that Russ initially suggested (setting a minimum number of bits) then a proper discussion of the issue and recommendations to avoid the problems need to be included in the security considerations section. I fully recognise the point from the authors that different styles of creating the tokens result in different implications, and that setting a mere minimum number of bits may not be appropriate.

Jari
_______________________________________________
Gen-art mailing list
Genemail@example.com
https://www.ietf.org/mailman/listinfo/gen-art