On Mon, Nov 28, 2016 at 09:53:35PM +0000, Paul Miller (NT) wrote: > Minimum length is a problematic topic due to the fact that we intentionally > did not specify the format of the freshness token. Since the structure of > the freshness token is left up to the KDC, there is no good way to determine > a minimum size. If the freshness token is a nonce then the size is > determined by the birthday problem. If it is based on symmetric > cryptography, then there are different length considerations. If it is based > on asymmetric crypto then there is a third set of size considerations.
We could still mention in the security considerations that depending on the construction of the token, the token should have some minimum size; essentially, your text from above. -Ben _______________________________________________ Gen-art mailing list Gen-art@ietf.org https://www.ietf.org/mailman/listinfo/gen-art