[KEYPROV] DSKPP - Authn Code Format
I am adding the Authentication Code Format back into the DSKPP for
version -04 as per comments received on the mailing list and presented
at IETF-71. Please review this change, which specifies a TLV format as
the required format:

3.4.2. Authentication Code Format

At a minimum, the AC MUST contain the following parameters:

   identifier: A globally unique client identifier that represents the
   user's key request. This value MAY be generated as a sequence number.

   password: A unique value that SHOULD be generated by the system as a
   random number to make AC more difficult to guess.

A checksum element MAY be included, which is generated by the issuing
server and sent to the user as part of the AC. If included the checksum
MUST be computed using the CRC16 algorithm [ISO3309]. When the user
enters the AC, the typed password is verified with the checksum to
ensure it is correctly entered by the user.

The Issuer MUST rely on a Tag-Length-Value (TLV) format to represent the
AC:

   Tag = 0x01 = identifier (MANDATORY)
   Tag = 0x02 = password (MANDATORY)
   Tag = 0x03 = checksum (OPTIONAL)
   Tag = 0x04 = [additional parameter] (OPTIONAL)
   ...
   Tag = 0x0n = [additional parameter] (OPTIONAL)

where one byte MUST be used to indicate the L(ength) of the V(alue)
field.

Andrea
_______________________________________________
KEYPROV mailing list
KEYPROV at ietf.org
https://www.ietf.org/mailman/listinfo/keyprov
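
An encoder and strict decoder for the TLV layout proposed in the message above, added here as an example; it is not code from the post or from the DSKPP draft. Assumptions the message does not settle: the CRC16 variant is CRC-16/X-25 (the HDLC frame check sequence), the checksum covers only the password value and is stored as two big-endian bytes, and the function names are hypothetical.

```python
import secrets

TAG_ID, TAG_PW, TAG_CRC = 0x01, 0x02, 0x03

def crc16_x25(data: bytes) -> int:
    """CRC-16/X-25: reflected poly 0x8408, init 0xFFFF, xorout 0xFFFF (assumed variant)."""
    crc = 0xFFFF
    for byte in data:
        crc ^= byte
        for _ in range(8):
            crc = (crc >> 1) ^ 0x8408 if crc & 1 else crc >> 1
    return crc ^ 0xFFFF

def encode_ac(identifier: bytes, password: bytes, with_checksum: bool = True) -> bytes:
    fields = [(TAG_ID, identifier), (TAG_PW, password)]
    if with_checksum:
        # Assumption: checksum is over the password value, two bytes big-endian.
        fields.append((TAG_CRC, crc16_x25(password).to_bytes(2, "big")))
    out = bytearray()
    for tag, value in fields:
        if not 0 < len(value) <= 0xFF:
            raise ValueError("value must be 1..255 bytes (one-byte length field)")
        out += bytes([tag, len(value)]) + value
    return bytes(out)

def decode_ac(blob: bytes) -> dict:
    fields, pos = {}, 0
    while pos < len(blob):
        if pos + 2 > len(blob):
            raise ValueError("truncated TLV header")
        tag, length = blob[pos], blob[pos + 1]
        value = blob[pos + 2 : pos + 2 + length]
        if len(value) != length:
            raise ValueError("length byte runs past end of AC")
        if tag in fields:
            raise ValueError(f"duplicate tag 0x{tag:02x}")
        fields[tag] = value  # tags above 0x03 are kept as additional parameters
        pos += 2 + length
    if TAG_ID not in fields or TAG_PW not in fields:
        raise ValueError("missing mandatory identifier or password")
    # The CRC only catches typing errors; it does not authenticate the AC.
    if TAG_CRC in fields and fields[TAG_CRC] != crc16_x25(fields[TAG_PW]).to_bytes(2, "big"):
        raise ValueError("checksum mismatch: password was mistyped")
    return fields

if __name__ == "__main__":
    # Constructed sample: sequence-number identifier, random 8-digit password.
    ac = encode_ac(b"000123", f"{secrets.randbelow(10**8):08d}".encode())
    print(ac.hex(), decode_ac(ac))
```
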