First round of my stupid questions about NTS
Gary E. Miller
gem at rellim.com
Fri Jan 18 20:59:53 UTC 2019
Yo Hal!
On Fri, 18 Jan 2019 12:39:04 -0800
Hal Murray via devel <devel at ntpsec.org> wrote:
> Gary said:
> >> You can't precompute cookies. They contain S2C and C2S which
> >> depend on the TLS sesson key.
> > I see no such requirement in the Proposed RFC. My expectation is
> > exactly the reverse. Did I miss something?
>
> The cookie contains S2C and C2S encrypted with with the master key.
Agree. Also hashed with the master key. AEAD is encrypt and hash.
> S2C and C2S depend on the TLS session key.
Disagree.
> Which part(s) don't you agree with?
The second part. I find no support for your second statement in the
Proposed RFC.
RGDS
GARY
---------------------------------------------------------------------------
Gary E. Miller Rellim 109 NW Wilmington Ave., Suite E, Bend, OR 97703
gem at rellim.com Tel:+1 541 382 8588
Veritas liberabit vos. -- Quid est veritas?
"If you can’t measure it, you can’t improve it." - Lord Kelvin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 851 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ntpsec.org/pipermail/devel/attachments/20190118/79b3b182/attachment.bin>
More information about the devel
mailing list