Hello, I would have a question about shared sercrets used as authentication code in XKRSS requests and responses. In §6.1.1, it is said that in case of registration of client-generated key pair, Alice gets the "024837" code from server to authenticate her request (the code is used in <KeyBindingAuthentication>). That's ok for me. In §6.1.2, it is said that in case of registration of service-generated key pair, Bob gets the "3N9CJ-K4JKS-04JWF-0934J-SR09JW-IK4" code from server and that this code is used (in a key derived form) by server to encrypt private key value (and so by client to decrypt it). Is this code also used for client request authentication (<KeyBindingAuthentication>) before private key generation ? Or, do we have to use two different codes ? When looking at appendix C, - in C.1.2, for Bob registration authentication key, authentication data is "3N9CJ-JK4JK-S04JF-W0934-JSR09-JWIK4" - in C.1.3, for Bob registration private key encryption, authentication data is "3N9CJ-K4JKS-04JWF-0934J-SR09JW-IK4" It's nearly the same, but not the same (one character difference). Is it voluntary ? Thanks for your help, Sincerely, Frederic -- Frederic Deleon -- CanonReceived on Monday, 9 May 2005 10:03:36 GMT
This archive was generated by hypermail 2.2.0+W3C-0.50 : Thursday, 20 September 2007 14:31:04 GMT