I got a question from my colleague about meaning of "PRF key" in the following text in Section 8.5:
" 1. The PaC and the PAA each are likely to be able to compute a random nonce (according to [RFC4086]). The length of the nonce has to be 1/2 the length of the PRF key (e.g., 10 octets in the case of HMAC-SHA1). 2. The PaC and the PAA each are not trusted with regard to the computation of a random nonce (according to [RFC4086]). The length of the nonce has to have the full length of the PRF key (e.g., 20 octets in the case of HMAC-SHA1). " As far as I remember, "PRF key" means "output block of the negotiated pseudo-random function used in prf+". So HMAC-SHA1 is prf, the output block length is 20 octets. Please let me know if you interpret "PRF key" in the above text in other ways. Best Regards, Yoshihiro Ohba _______________________________________________ Pana mailing list Pana@ietf.org https://www.ietf.org/mailman/listinfo/pana