[TLS] Channel binding versus keying material exporters

To: tls at ietf.org
Subject: [TLS] Channel binding versus keying material exporters
From: Douglas Stebila <douglas at stebila.ca>
Date: Fri, 6 Nov 2009 00:23:05 +0800
Delivered-to: tls at core3.amsl.com
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:sender:from:content-type :content-transfer-encoding:subject:date:message-id:to:mime-version :x-mailer; bh=grlkOfF1eBi7rwORjJPS3BpUwUS0iMckOiVcaP/1V0I=; b=Jc05tUCLd9o78LtDbQxtxzu3rtCQJenv5jFqID46kObnPRWuyWgAwJE/zFDlfVTq76 dT/TAu86c3T2sgtGYQZGAT6nbiRj4cOPygJUqGVQzGPVu3PqaIHY4hmScUFOPZZzp669 Atl4eKPho1ffG2iVetTjiY9ZDyHOBTqcemNEM=
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=sender:from:content-type:content-transfer-encoding:subject:date :message-id:to:mime-version:x-mailer; b=HPZfDbHwIuROdJk/5Vp0IeOgtuMVyYhYXePfSCNx8z4aqk/jEkhmO/NvuII1lzDtQs CT1vGVPkQ92LVpgfRPO1yGLlPD4L6y0qhRQM4mVNBqx7m/hHHY02PhuVUM/HmZLyEJRa vyULhZWiRbHBkWY3xZDxZLySPDsbckEDGCkU4=
List-archive: <http://www.ietf.org/mail-archive/web/tls>
List-help: <mailto:tls-request@ietf.org?subject=help>
List-id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-post: <mailto:tls@ietf.org>
List-subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
Sender: Douglas Stebila <dstebila at gmail.com>

Can someone comment on the similarities and differences of TLS channelbinding and TLS keying material exporters? Is the keying materialderived from a TLS master key using a keying material exportersuitable for channel binding as well, if used for key confirmation?If a higher-level application wishes to do additional authenticationand bind the endpoints of that authentication to the endpoints of theTLS connection, should one use key confirmation with keying materialexporters or something from TLS channel binding?


Thanks,

Douglas

Follow-Ups:
- Re: [TLS] Channel binding versus keying material exporters
  - From: Nicolas Williams

Prev by Date: Re: [TLS] TLS renegotiation issue
Next by Date: Re: [TLS] Channel binding versus keying material exporters
Previous by thread: [TLS] TLS renegotiation issue
Next by thread: Re: [TLS] Channel binding versus keying material exporters
Index(es):
- Date
- Thread

[TLS] Channel binding versus keying material exporters

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.