[AFS3-std] Re: rxgk CombineTokens and enctypes
Benjamin Kaduk
kaduk@MIT.EDU
Tue, 27 Nov 2012 11:31:28 -0500 (EST)
On Tue, 27 Nov 2012, Andrew Deason wrote:
> On Mon, 26 Nov 2012 15:18:39 -0500 (EST)
> Benjamin Kaduk <kaduk@MIT.EDU> wrote:
>
>> I have new commits up at https://github.com/kaduk/openafs/commits/prot
>> (HEAD is 67b21de).
>
> Should be RXGK_CT_PRINTED. Also, the new registry should be mentioned in
> a 'AFS-3 Registry Considerations' section, and the details of this and
> the values should probably be moved there.
Okay.
>
>> 6e8edde Allow key version number to wrap at 16 bits
>
> I'm not sure I see the point of making this optional, but okay. Nits at
Either side can drop the connection ~arbitrarily anyway, right? So it
couldn't actually be truly mandatory. Though, I guess that line of
reasoning could support either side of the argument. I don't feel
particuarly strongly about optional or not.
> the language, though:
>
> + If rekeying would cause this value to wrap, then the key version number
> + can be stored locally
>
> "MAY be stored locally", I think?
If the connection is going to use the full 32-bit key version number
space, the full number MUST be available; to me this would mean either
storing all 32 bits locally or storing the top 16 bits locally.
The key derivation function requires all 32 bits.
>
> + key version number would wrap, that endpoint must terminate the
> + connection.
>
> "MUST terminate the connection"
Sure.
Thanks for spotting the typos and markup errors; I'll get a new version up
late today (in meetings this afternoon).
-Ben