NTS keys as I understand them
Achim Gratz
Stromeko at nexgo.de
Tue Jan 15 18:16:54 UTC 2019
Hal Murray via devel writes:
>> While I don't know what the rationale was for the RFC, it still makes sense
>> to provide a client with enough cookies so it can fire off the initial burst
>> w/o re-keying even if all responses get lost.
>
> The NTS-KE section has a SHOULD return 8 keys, but only 1 is required.

An RFC has very specific language (it's explained at the start).
"SHOULD" in all caps in this case essentially means that NTS-KE is
strongly expected to serve 8 initial cookies, but a client must not fail
if it doesn't. That's not a pass for implementing an NTS-KE which
generally delivers only a single cookie or some other number below
eight. Again, there likely is a rationale for not choosing MUST
(e.g. for specific use scenarios inside a datacenter, or maybe IoT
applications like metering), maybe Daniel could explain.
Regards,
Achim.
--
+<[Q+ Matrix-12 WAVE#46+305 Neuron microQkb Andromeda XTk Blofeld]>+
Wavetables for the Waldorf Blofeld:
http://Synth.Stromeko.net/Downloads.html#BlofeldUserWavetables
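
Added example, not part of the original message or of the project's code: a client-side sketch of the behaviour discussed above, where fewer than eight cookies is reported but tolerated and only a response with no cookies is rejected. The record framing and type numbers are taken from RFC 8915 as published (the message does not quote them); the function names and sample cookies are constructed for illustration.

```python
import struct

# Record type numbers per RFC 8915 (assumption: not stated in the message above).
END_OF_MESSAGE = 0
NEW_COOKIE = 5
EXPECTED_COOKIES = 8   # the "SHOULD" count discussed in the thread

def record(rtype, body=b"", critical=False):
    """Encode one NTS-KE record: critical bit + 15-bit type, 16-bit length, body."""
    return struct.pack("!HH", (0x8000 if critical else 0) | rtype, len(body)) + body

def collect_cookies(response):
    """Return (cookies, short) from a decrypted NTS-KE response byte string."""
    cookies, offset, ended = [], 0, False
    while offset < len(response):
        if len(response) - offset < 4:
            raise ValueError("truncated record header")
        word, length = struct.unpack_from("!HH", response, offset)
        offset += 4
        body = response[offset:offset + length]
        if len(body) != length:
            raise ValueError("truncated record body")
        offset += length
        rtype = word & 0x7FFF          # strip the critical bit
        if rtype == END_OF_MESSAGE:
            ended = True
            break
        if rtype == NEW_COOKIE:
            cookies.append(body)       # unknown record types are skipped here
    if not ended:
        raise ValueError("missing End of Message record")
    if not cookies:
        raise ValueError("server supplied no cookies")
    # Fewer than eight is tolerated (SHOULD, not MUST) but worth reporting.
    return cookies, len(cookies) < EXPECTED_COOKIES

def build_response(n):
    """Constructed sample: n dummy 16-byte cookies followed by End of Message."""
    recs = [record(NEW_COOKIE, bytes([i]) * 16) for i in range(n)]
    return b"".join(recs) + record(END_OF_MESSAGE, critical=True)

if __name__ == "__main__":
    for n in (8, 1):
        cookies, short = collect_cookies(build_response(n))
        print(n, len(cookies), "short" if short else "full")
```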