> The MAC will check out only if the servers are using the same key. That's not necessarily true. Since the ticket is not self-describing. and there is no normative language relating to ticket construction, there is no guarantee that implementations will put the MAC field in the same place or use the same algorithm. This could be fixed by including a globally and temporally unique ticket identifier, and mandating that the MAC field be put at the end. > It's certainly true that "implements all the MUSTs in the document" > does not imply the system is secure, but that applies pretty much > to any document (unless it says "the system MUST be secure" :-). While it's certainly true that normative language doesn't guarantee security, most specifications do use normative language, if only to pin down some basic features of the specification. It is quite possible for this specification to allow innovation along many dimensions, by mandating a few critical items, enough to avoid interoperability problems, and leaving the rest open. _______________________________________________ Ietf@xxxxxxxx https://www1.ietf.org/mailman/listinfo/ietf