Yoshi, I think your interpretation is correct, as the "e.g." examples confirm.
Alper On Jan 21, 2013, at 3:27 AM, Yoshihiro Ohba wrote: > I got a question from my colleague about meaning of "PRF key" in the > following text in Section 8.5: > > " > 1. The PaC and the PAA each are likely to be able to compute a > random nonce (according to [RFC4086]). The length of the nonce > has to be 1/2 the length of the PRF key (e.g., 10 octets in the > case of HMAC-SHA1). > > 2. The PaC and the PAA each are not trusted with regard to the > computation of a random nonce (according to [RFC4086]). The > length of the nonce has to have the full length of the PRF key > (e.g., 20 octets in the case of HMAC-SHA1). > " > > As far as I remember, "PRF key" means "output block of the negotiated > pseudo-random function used in prf+". So HMAC-SHA1 is prf, the output > block length is 20 octets. > > Please let me know if you interpret "PRF key" in the above text in other > ways. > > Best Regards, > Yoshihiro Ohba > > > > _______________________________________________ > Pana mailing list > Pana@ietf.org > https://www.ietf.org/mailman/listinfo/pana _______________________________________________ Pana mailing list Pana@ietf.org https://www.ietf.org/mailman/listinfo/pana