On 30/12/09 09:25 +0100, Hartmut Goebel wrote: > Cédric Krier schrieb: > > But a timestamp is perhaps the solution with a wait if there is a > > collision. The sequence will have a timestamp precision field and a > > last timestamp used. > > Please rethink whether it is necessary to record the last timestamp. If > precisstion is small enough, there time will change between every call.
If the precision is configurable, we must check it. > > An addition could be to include a (smaller) sequence counter, too. Thus > an attacker would have to guess both the counter and the correct timestamp. Don't understand what an attacker can do ? -- Cédric Krier B2CK SPRL Rue de Rotterdam, 4 4000 Liège Belgium Tel: +32 472 54 46 59 Email: [email protected] Jabber: [email protected] Website: http://www.b2ck.com/ twitter: http://twitter.com/cedrickrier identi.ca: http://identi.ca/cedrickrier
pgpuw4QaNZ96t.pgp
Description: PGP signature
