DDS-Security 1.0 FTF Avatar
  1. OMG Issue

DDSSEC_ — Size of NONCE (Challenge_A/Challenge_B) in Authentication handshake messages undefined

Open Closed All
  • Key: DDSSEC_-114
  • Legacy Issue Number: 19864
  • Status: closed  
  • Source: THALES ( Cyril Dangerville)
  • Summary:

    The total size of the NONCE in binary_value1 of HandshakeRequestMessageToken and HandshakeReplyMessageToken (9.3.2.3.1) is undefined. The spec just says: "first 10 octets are set to match the ascii encoding of the string "CHALLENGE:"). There does not seem to be any mandatory size from a functional perspective, bu the spec should at least recommend a minimal size or refer to some recommendation on that.

  • Reported: DDS-Security 1.0b1 — Wed, 2 Dec 2015 05:00 GMT
  • Disposition: Resolved — DDS-Security 1.0
  • Disposition Summary:

    *9.3.2.3.1 and 9.3.2.3.2. Specify NONCE must include at least 32 characters and not be predictable *

    Specify that the NONCE in sections 9.3.2.3.1 and 9.3.2.3.2 must contain 32 characters in addition to the specified prefix.
  • Updated: Tue, 12 Jul 2016 14:45 GMT