Re: [TLS] TLS renegotiation issue

To: Martin Rex <mrex at sap.com>
Subject: Re: [TLS] TLS renegotiation issue
From: Nicolas Williams <Nicolas.Williams at sun.com>
Date: Thu, 5 Nov 2009 12:28:53 -0600
Cc: ekr at rtfm.com, tls at ietf.org
Delivered-to: tls at core3.amsl.com
In-reply-to: <200911051816.nA5IG292002997 at fs4113.wdf.sap.corp>
List-archive: <http://www.ietf.org/mail-archive/web/tls>
List-help: <mailto:tls-request@ietf.org?subject=help>
List-id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-post: <mailto:tls@ietf.org>
List-subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
References: <20091105175044.GG5124 at Sun.COM> <200911051816.nA5IG292002997 at fs4113.wdf.sap.corp>
User-agent: Mutt/1.5.7i

On Thu, Nov 05, 2009 at 07:16:02PM +0100, Martin Rex wrote:
> I'm trying to use terminology that is already in the TLS specs.
> The generic term "channel bindings" is a little bit to fuzzy for
> my taste, and the original use of channel bindings in GSS-API
> is not cryptographically secure.

Also, the term "channel bindings" is only fuzzy as used in RFCs
2743/2744.  But RFC5056 put an end to that.

If you believe that RFC5056 leaves the term too fuzzy still, then please
explain how, and then we can look at updating RFC5056 if need be.

Nico
--

References:
- Re: [TLS] TLS renegotiation issue
  - From: Nicolas Williams
- Re: [TLS] TLS renegotiation issue
  - From: Martin Rex

Prev by Date: Re: [TLS] TLS renegotiation issue
Next by Date: Re: [TLS] TLS renegotiation issue
Previous by thread: Re: [TLS] TLS renegotiation issue
Next by thread: Re: [TLS] TLS renegotiation issue
Index(es):
- Date
- Thread

Re: [TLS] TLS renegotiation issue

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.