New text:
The probability of an attacker guessing generated tokens (and other
credentials not
intended for handling by end-users) MUST be less than or equal to
2^(-128) and SHOULD be
less than or equal to 2^(-160).
Removed reference to RFC 1750.
EH
> -----Original Message-----
> From: John Bradley [mailto:[email protected]]
> Sent: Monday, February 06, 2012 5:07 PM
> To: Eran Hammer
> Cc: Julian Reschke; [email protected]; The IESG; [email protected]
> Subject: Re: [OAUTH-WG] Last Call: <draft-ietf-oauth-v2-bearer-15.txt> (The
> OAuth 2.0 Authorization Protocol: Bearer Tokens) to Proposed Standard
>
> RE new text in Draft 23
>
> http://tools.ietf.org/html/draft-ietf-oauth-v2-23#section-10.10
>
> Generated tokens and other credentials not intended for handling by
> end-users MUST be constructed from a cryptographically strong random
> or pseudo-random number sequence ([RFC1750]) generated by the
> authorization server.
>
> Given that many implementations may elect to use signed tokens, such as
> SAML or JWT (JOSE) this should not be a MUST.
>
> Giving people sensible defaults such as the probability of an attacker
> guessing a valid access token for the protected resource should be less than
> 2^(-128).
>
> The probability of generating hash colisions randomly is a odd metric, 2^(-
> 128) for a SHA256 as I recall.
> Many factors play into what is secure, token lifetime etc.
>
> I don't mind some reasonable defaults but adding a requirement for
> unstructured tokens is a bit much.
>
> Regards
> John B.
>
>
_______________________________________________
Ietf mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/ietf
