Hi Uri,

* Blumenthal, Uri - 0553 - MITLL <u...@ll.mit.edu> [06/04/2016 20:37:35] wrote:
> I seem to recall that Ted Krovetz some time ago submitted a draft (to
> CFRG?) defining OCB: https://tools.ietf.org/html/draft-krovetz-ocb-04 .
> Perhaps these two should be brought to sync, since the nonce construction
> changes?

I'm not sure this is necessary as my draft is specific to the TLS nonce construction and there's no need to update the primitive itself. As far as I can tell this nonce construction doesn't conflict with the RFC defining the primitive.

I've switched to this new nonce construction since it effectively prevents implementers from re-using the same nonce as it would make implementations non-interoperable, which I feel is a good thing. It's also similar to how TLS 1.3 will form a nonce.

HTH,
Aaron
_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls