- From: Paul Leach <paulle@microsoft.com>
- Date: Mon, 26 Feb 96 11:28:16 PST
- To: john@math.nwu.edu
- Cc: http-wg%cuckoo.hpl.hp.com@hplb.hpl.hp.com
In the security considerations section, it should explain why having the Client IP address in the nonce is stronger than just checking the IP address over which the request arrived against the IP address over which the nonce was originally obtained. Paul
Received on Monday, 26 February 1996 11:30:02 UTC