From 926a2828ab29889682a96f058d7d4f6d773da584 Mon Sep 17 00:00:00 2001 From: Kovid Goyal Date: Thu, 11 Aug 2022 06:38:59 +0530 Subject: [PATCH] 5 minutes does not actually prevent replay just minimise it --- docs/rc_protocol.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/rc_protocol.rst b/docs/rc_protocol.rst index 757c21d0f..125d22758 100644 --- a/docs/rc_protocol.rst +++ b/docs/rc_protocol.rst @@ -47,7 +47,7 @@ encrypted to keep the password secure. A public key is used from the protocol is supported. The protocol number is present in :envvar:`KITTY_PUBLIC_KEY` as ``1``. The key data in this environment variable is Base-85 encoded. The algorithm used is Elliptic Curve Diffie Helman with the X25519 curve. A -time based nonce is used to avoid replay attacks. The original JSON command has +time based nonce is used to minimise replay attacks. The original JSON command has the fields: ``password`` and ``timestamp`` added. The timestamp is the number of nanoseconds since the epoch, excluding leap seconds. Commands with a timestamp more than 5 minutes from the current time are rejected. The command is then