[AFS3-std] rxgk token: encrypted blob or not
Simon Wilkinson
simon@sxw.org.uk
Wed, 7 Nov 2012 12:44:17 +0000
On 7 Nov 2012, at 01:54, Andrew Deason wrote:
> On Tue, 6 Nov 2012 20:47:43 -0500 (EST)
> Benjamin Kaduk <kaduk@MIT.EDU> wrote:
>
>>> says:
>>>
>>> If the token is an encrypted blob, it should be encrypted using
>>> the key usage RXGK_SERVER_ENC_TOKEN.
>>>
>>> should that be a SHOULD ?
>>
>> I don't think so. If we needed 2119-language, I think it would be a
>> MUST. But I'm not sure that we need 2119 language. We don't use it
>> when talking about the other key usages, if I remember correctly.
>
> I thought this was more of a guidance to application-specific
> specifications to just say "hey, we have a key usage value allocated
> specifically for this purpose, so use this one if you can".
Yes - that's the intent, so I agree that the non-2119 language is fine.
S.