From 6f30157df092b24063be5be4e8519e622c962beb Mon Sep 17 00:00:00 2001 From: sp0001 Date: Thu, 26 Sep 2024 08:31:28 +0200 Subject: [PATCH] Rephrased party identity string explanation. --- draft-irtf-cfrg-cpace.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/draft-irtf-cfrg-cpace.md b/draft-irtf-cfrg-cpace.md index f4631d9..7b95698 100644 --- a/draft-irtf-cfrg-cpace.md +++ b/draft-irtf-cfrg-cpace.md @@ -232,7 +232,7 @@ For accomodating different application settings, CPace offers the following OPTI ADa and ADb could also include application protocol version information of an application protocol (e.g. to avoid downgrade attacks). - Session identifier (sid). - If both parties have access to the same unique string sid being specific for a communication session before starting the protocol, + If both parties have access to the same unique octet string sid being specific for a communication session before starting the protocol, it is RECOMMENDED to forward this sid value as an additional input for the protocol as this provides security advantages and will bind the CPace run to this communication session (see {{sec-considerations}}).