W3C home > Mailing lists > Public > ietf-http-wg@w3.org > April to June 1998

Re: Digest Authentication: nc=

From: Scott Lawrence <lawrence@agranat.com>
Date: Wed, 29 Apr 1998 10:11:10 -0400 (EDT)
To: Dave Kristol <dmk@research.bell-labs.com>
Cc: http-wg@cuckoo.hpl.hp.com, http-wg@hplb.hpl.hp.com
Message-Id: <Pine.LNX.3.96.980429101023.26483A-100000@alice.agranat.com>
X-Mailing-List: <http-wg@cuckoo.hpl.hp.com> archive/latest/84 

On Wed, 29 Apr 1998, Dave Kristol wrote:

> In my implementation of Digest, I don't verify that a given nonce count
> (nc=) has appeared only once.  My server simply doesn't retain that
> kind of state.
> 
> So I'm wondering, *is* anyone planning to implement checks on reuse
> of nc?

  Our internal nonce handling already has a nonce use count, so yes, I
expect that when I do this I'll be checking it.
Received on Wednesday, 29 April 1998 07:14:19 UTC

This archive was generated by hypermail 2.4.0 : Thursday, 2 February 2023 18:43:05 UTC