Re: timestamp based protocol

"stan" <stan@xxxxxxxxxx> wrote in message
news:2r3vt1drfcd3lohr2r3f8e3qtc5mlbg67b@xxxxxxxxxx
> On Tue, 31 Jan 2006 16:55:27 +0100, "cicap" <cicap@xxxxxxxxxx> wrote:
>

> Possibly they are using the timestamp tA in the generation of a nonce
> or IV, although this seems ill-advised.

hmmm...no, I don't think so, simply because nonces are introduced in the next
chapter :)

>
> Or they are trying to avoid some type of replay attack.
>
>

If the acceptance window is slightly greater than "skew" + "network
delay" + "message processing delay", a replay attack is impossible, isn't it?
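
The acceptance-window check asked about in this post, written out as an added example (not part of the original thread). The key, the delay bounds and the `Receiver` class are constructed for illustration; the seen-message cache goes beyond the post and is included so the window check alone can be compared with window plus cache on the same inputs.

```python
import hashlib
import hmac

KEY = b"constructed-demo-key"                 # constructed shared key
SKEW, NET_DELAY, PROC_DELAY = 2.0, 1.0, 0.5   # constructed bounds, in seconds
WINDOW = SKEW + NET_DELAY + PROC_DELAY + 0.5  # "slightly greater" than the sum


def mac(payload, t_a):
    """Authenticate the payload together with the sender's timestamp tA."""
    return hmac.new(KEY, payload + repr(t_a).encode(), hashlib.sha256).digest()


def make_message(payload, t_a):
    return payload, t_a, mac(payload, t_a)


class Receiver:
    def __init__(self, use_cache):
        self.use_cache = use_cache
        self.seen = {}                        # tag -> time its window closes

    def accept(self, msg, now):
        payload, t_a, tag = msg
        if not hmac.compare_digest(tag, mac(payload, t_a)):
            return False                      # forged or modified message
        if abs(now - t_a) > WINDOW:
            return False                      # outside the acceptance window
        if self.use_cache:
            # Forget tags whose window has closed, then reject repeats.
            self.seen = {k: v for k, v in self.seen.items() if v >= now}
            if tag in self.seen:
                return False
            self.seen[tag] = t_a + WINDOW
        return True


def demo():
    msg = make_message(b"transfer 10 to B", 1000.0)   # constructed message
    plain, cached = Receiver(False), Receiver(True)
    return {
        "first_plain": plain.accept(msg, 1001.0),
        "copy_in_window_plain": plain.accept(msg, 1002.0),
        "first_cached": cached.accept(msg, 1001.0),
        "copy_in_window_cached": cached.accept(msg, 1002.0),
        "copy_after_window": cached.accept(msg, 1000.0 + WINDOW + 1),
    }


if __name__ == "__main__":
    print(demo())
```

The cache only has to remember tags until `tA + WINDOW`, because anything older is already rejected by the window check.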

