Hi Sam, No problem here. Seems sensible either way to me and a little better with the new text if that's what the WG prefer. I'd say make the change when processing any other IETF LC comments. S. On 16/08/11 00:46, Sam Hartman wrote: > Hi. > Just around the time that this document was sent to the IESG, a > discussion started surrounding the nonce text in this draft in the > Kerberos working group. > All the participants seemed to agree that the discussion was > non-blocking: if consensus on a change was not found before ietf last > call ended, then the existing text would stand. > So, I did not ask our AD to block the draft. > > However, the Kerberos working group did reach a consensus on new text. > We'd like to propose to the IETF that > > The text in section 4.1 is changed from: > > This nonce string MUST be as long as the longest key length of > the symmetric key types that the KDC supports and MUST be chosen > randomly. > > to > > This nonce string MUST contain a randomly chosen component at > least as long as the armor key length. > > > The KDC can then compose a nonce out of a random component and a > timestamp. > > > > This change has already reached consensus within the working group. If > there are no objections (especially including objections from our AD) > I'll ask the authors to make this change. If there are objections then > our AD will judge consensus as usual. > > Sam hartman > Kerberos Co-chair > _______________________________________________ > ietf-krb-wg mailing list > ietf-krb-wg@xxxxxxxxxxxxx > https://lists.anl.gov/mailman/listinfo/ietf-krb-wg > _______________________________________________ Ietf mailing list Ietf@xxxxxxxx https://www.ietf.org/mailman/listinfo/ietf