Remove confusing comment about nonce transport security

ietf-rats-wg · Dec 6, 2019 · 33282a2 · 33282a2
1 parent faaa9d0
commit 33282a2
Showing 1 changed file with 0 additions and 2 deletions.
diff --git a/draft-ietf-rats-eat.md b/draft-ietf-rats-eat.md
@@ -389,8 +389,6 @@ All EATs should have a nonce to prevent replay attacks. The nonce is
 generated by the relying party, the end consumer of the token. It is
 conveyed to the entity over whatever transport is in use before the
 token is generated and then included in the token as the nonce claim.
-Note that intrinsically by the nature of a nonce no security is needed
-for its transport.
 
 This documents the nonce claim for registration in the IANA CWT 
 claims registry. This is equivalent to the JWT nonce claim that is