The use of nonces to prevent replay attacks is incompatible with the use of cached responses. From the client side, what is the difference between not including a nonce at all and accepting responses without it? From the server side, as Ryan Hurst said, the presence of a nonce can be viewed as an indication that the client is looking for a “fresh” response. What if the responder can’t provide one?

Cached responses can be treated as CRLs (checked for time validity using the ThisUpdate and NextUpdate fields). We don’t worry about replay attacks when using CRLs. If we want to enable the client to work with both fresh and cached responses, we could include a nonce in the request and accept responses without it. Of course this means that we are giving up prevention against replay attacks. This prevention only makes sense for fresh responses. The bad scenario is a replay attack for fresh responses; how can we avoid it? Maybe by having a way to distinguish fresh responses from cached ones. Then the client can reject a fresh response without the nonce included in the request.

Opinions are welcomed,

Miguel A. Rodriguez
Software Engineer
SeguriDATA
Panzacola 62, Piso 1
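The client policy sketched in the post (always send a nonce, accept a nonce-less response as a CRL-like cached one, check ThisUpdate/NextUpdate), as an added example that is not part of the original message or of any real OCSP client. It works over a constructed model of already-parsed response fields rather than real DER; `OcspResponse`, `check_response`, the `max_cached_age` bound and the sample values are all assumptions made here.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from typing import Optional, Tuple

# Constructed, simplified view of a parsed OCSP response; a real client would
# fill these from the DER-decoded BasicOCSPResponse (parsing not shown here).
@dataclass
class OcspResponse:
    this_update: datetime
    next_update: Optional[datetime]   # may be absent
    nonce: Optional[bytes]            # id-pkix-ocsp-nonce extension value, if any

def check_response(resp: OcspResponse, request_nonce: bytes, now: datetime,
                   accept_cached: bool = True,
                   max_cached_age: timedelta = timedelta(hours=24),
                   skew: timedelta = timedelta(minutes=5)) -> Tuple[bool, str]:
    """Return (accepted, classification or rejection reason) for one response.

    The client always sends a nonce. A response echoing it is 'fresh'; one
    without a nonce is treated like a CRL ('cached') and judged by its
    ThisUpdate/NextUpdate window plus an age bound, if the caller allows that.
    """
    # Time validity is checked for every response, exactly as for a CRL.
    if resp.this_update > now + skew:
        return False, "rejected: thisUpdate is in the future"
    if resp.next_update is not None and resp.next_update < now - skew:
        return False, "rejected: nextUpdate has passed"
    if resp.nonce is not None:
        # The responder claims a fresh answer, so the nonce must match exactly;
        # a fresh response replayed under a different request fails here.
        if resp.nonce != request_nonce:
            return False, "rejected: nonce mismatch (possible replay)"
        return True, "fresh"
    if not accept_cached:
        return False, "rejected: fresh response required but no nonce present"
    # A cached response has no replay protection, so bound its age even when
    # nextUpdate is still in the future (assumed policy, not from any RFC).
    if now - resp.this_update > max_cached_age:
        return False, "rejected: cached response older than max_cached_age"
    return True, "cached"

# Constructed sample values, not captured from a real responder.
NOW = datetime(2024, 1, 1, 12, 0, tzinfo=timezone.utc)
REQUEST_NONCE = bytes.fromhex("0102030405060708")

if __name__ == "__main__":
    fresh = OcspResponse(NOW - timedelta(minutes=1), NOW + timedelta(days=1), REQUEST_NONCE)
    cached = OcspResponse(NOW - timedelta(hours=2), NOW + timedelta(hours=22), None)
    print(check_response(fresh, REQUEST_NONCE, NOW))   # (True, 'fresh')
    print(check_response(cached, REQUEST_NONCE, NOW))  # (True, 'cached')
```

Setting `accept_cached=False` gives the strict behaviour the post contrasts with: a client that insists on a fresh response rejects anything without its nonce.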