Re: Protocol Action: 'Pre-Shared Key Ciphersuites for Transport Layer Security (TLS)' to Proposed Standard

 In your previous mail you wrote:

   The IESG has approved the following document:
   
   - 'Pre-Shared Key Ciphersuites for Transport Layer Security (TLS) '
      <draft-ietf-tls-psk-09.txt> as a Proposed Standard
   
=> this document seems to go the wrong way: pre-shared secrets
are known to be weaker than certificates and TLS already has many
problems with its misuses (for instance no client verification or
poor server certificate validation).
I remember a similar discussion about IKEv2 but in this case pre-shared
secrets were kept for compatibility... I can't see why no argument
against pre-shared secrets applies for the TLS case. Perhaps a security area
director can help me? BTW, I don't buy the "limited CPU power" argument
without real world examples.

Regards

Francis.Dupont at enst-bretagne.fr

_______________________________________________
Ietf mailing list
Ietf at ietf.org
https://www1.ietf.org/mailman/listinfo/ietf




Note Well: Messages sent to this mailing list are the opinions of the senders and do not imply endorsement by the IETF.
