ace-wg / ace-key-groupcomm-oscore

Consistency with the mandatory use of 'cnonce' #69

Closed marco-tiloca-sics closed 1 week ago

marco-tiloca-sics commented 1 year ago

Revise to ensure consistency about the mandatory use of the 'cnonce' parameter from draft-ietf-key-groupcomm-17.

With reference to version -16 of this document, the following changes are needed.

Section 4 "Authentication Credentials"

OLD

..., the Group Manager silently ignores that parameter, as well as the related parameters 'cnonce' and 'client_cred_verify'.

NEW

..., the Group Manager silently ignores that parameter, as well as the related parameter 'client_cred_verify'.

Section 6.3 "Send the Join Response"

OLD

The 'kdc_cred_verify' parameter MUST be present, specifying the proof-of-possession (PoP) evidence computed by the Group Manager. The PoP evidence is computed over the nonce N_KDC, which is specified in the 'kdc_nonce' parameter and taken as PoP input. The PoP evidence is computed as defined below (REQ21).

NEW

The 'kdc_cred_verify' parameter MUST be present, specifying the proof-of-possession (PoP) evidence computed by the Group Manager. The PoP evidence is computed as defined below (REQ21).

Section 12 "ACE Groupcomm Parameters"

OLD

When the conditional parameters defined in Section 8 of [I-D.ietf-ace-key-groupcomm] are used with this application profile, a Client must, should or may support them as specified below (REQ30).

  • 'client_cred', 'cnonce', 'client_cred_verify'. A Client that has an own authentication credential to use in a group MUST support these parameters.

NEW

When the conditional parameters defined in Section 8 of [I-D.ietf-ace-key-groupcomm] are used with this application profile, a Client must, should or may support them as specified below (REQ30).

  • 'client_cred' and 'client_cred_verify'. A Client that has an own authentication credential to use in a group MUST support these parameters.