On Mon March 30 2009, Michael S. Zick wrote: > Here is the reference I had in mind (third paragraph): http://en.wikipedia.org/wiki/Battle_of_Leyte_Gulf#The_Crisis_.E2.80.93_US_Seventh_Fleet.27s_calls_for_help
So much for historical trivia on "don't invent your own protocol". Mike > On Mon March 30 2009, Victor Duchovni wrote: > > > - - - snip - - - > > > > Of course to prevent HMAC replay attacks, messages should contain nonces, > > but with protocols using shared secret HMAC signatures, the nonce is > > considered to be part of the message rather than the signature algorithm. > > > > That usage dates back to pre-computer days. Morse code and Teletype days. > And yes, it was part of the message - the operator had to type it in theirself > before entering the message (according to some simple rules). > > There have been world history changing events when some yahoo of a > communications > clerk failed to remove the added nonce from the message. > > But that is just the point - don't try to make up your own usages. > > Mike > > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List openssl-users@openssl.org > Automated List Manager majord...@openssl.org > > ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
