- From: Joseph Ashwood <jashwood@arcot.com>
- Date: Tue, 3 Jul 2001 11:22:02 -0700
- To: "Amir Herzberg" <AMIR@newgenpay.com>, "'Donald E. Eastlake 3rd'" <dee3@torque.pothole.com>, "Public XML Encryption List" <xml-encryption@w3.org>
----- Original Message -----
From: "Amir Herzberg" <AMIR@newgenpay.com>
> Nonce is usually used for a challenge. I prefer to use `salt` or
> `randomizer` for a value whose only goal is to increase entropy.
Actually 'nonce' is used for the introduction of a one time random value
that may or may not be public. A 'salt' is a long term repeated use value,
commonly used in association with password verification, it is public, and
it's use is simply to make dictionary attacks harder. 'Randomizer' is
basically unused, so it would be acceptable, but I would prefer 'nonce'.
Joe
Received on Tuesday, 3 July 2001 14:45:28 UTC