Ok, since answer not obvious starting thread on Kitten. -----Original Message----- From: Jari Arkko [mailto:[email protected]] Sent: Thursday, December 1, 2016 1:30 AM To: Benjamin Kaduk <[email protected]> Cc: Paul Miller (NT) <[email protected]>; Michiko Short <[email protected]>; IETF Gen-ART <[email protected]>; [email protected] Subject: Re: [Gen-art] Gen-ART Review of draft-ietf-kitten-pkinit-freshness-07
Many thanks for your review, Russ, and for thinking about this space and what issues there might be. I too am concerned about the issue that Russ Housley raised: bad practices in creating the freshness tokens creates a security issue. If this cannot be handled in the way that Russ initially suggested (setting a minimum number of bits) then a proper discussion of the issue and recommendations to avoid the problems need to be included in the security considerations section. I fully recognise the point from the authors that different styles of creating the tokens result in different implications, and that setting a mere minimum number of bits may not be appropriate. Jari _______________________________________________ Gen-art mailing list [email protected] https://www.ietf.org/mailman/listinfo/gen-art
