Hello, I would have a question about Nonce construction. What is the meaning of "+" in computation formula (nonce = time + serial + M ( time + serial , k ))? It looks like concatenation. But when looking at examples ("Rj2BoUZM7PisPX2ytSAAWA==" in response 1), beginning of Nonce does not seem to look like "clear" time value. Moreover, I think concatenation of "clear" values and encrypted values would not be efficient to avoid leakink information [74]. So perhaps formula is nonce = MAC of time&serial concatenation with k key (nonce = M ( time + serial , k ) rather, in my mind). But in this case, how time or serial values could be retrieved from MAC encrypted value ? I understand that this formula is not mandatory for service implementation, but I would like to use it to be nearer from specification. Sincerely, Frédéric DeléonReceived on Friday, 25 February 2005 13:58:00 GMT
This archive was generated by hypermail 2.2.0+W3C-0.50 : Thursday, 20 September 2007 14:31:03 GMT