Re: [TLS] TLS Protocol Version

To: mrex at sap.com, Pasi.Eronen at nokia.com
Subject: Re: [TLS] TLS Protocol Version
From: Peter Gutmann <pgut001 at cs.auckland.ac.nz>
Date: Fri, 20 Nov 2009 19:37:39 +1300
Cc: tls at ietf.org
Delivered-to: tls at core3.amsl.com
In-reply-to: <808FD6E27AD4884E94820BC333B2DB774F30FE12B7 at NOK-EUMSG-01.mgdnok.nokia.com>
List-archive: <http://www.ietf.org/mail-archive/web/tls>
List-help: <mailto:tls-request@ietf.org?subject=help>
List-id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-post: <mailto:tls@ietf.org>
List-subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
Sender: pgut001 <pgut001 at wintermute01.cs.auckland.ac.nz>

<Pasi.Eronen at nokia.com> writes:

>BTW, there's another common renegotiation case where a "low-hanging fruit"
>(trivial-to-implement solution known not to cause interop problems with
>broken servers) exists: changing from server-only authentication to mutual
>authentication (with certificate-based cipher suites).

What TLS does with certificates isn't mutual authentication, it's
unidirectional authentication in both directions.  TLS-PSK provides true
mutual authentication.  So perhaps the fix is to encourage people to switch to
TLS-PSK, which as a side-effect would do a great deal to address the phishing
problem as well.

Peter.

References:
- Re: [TLS] TLS Protocol Version
  - From: Pasi.Eronen

Prev by Date: [TLS] Definition of "lenient server"
Next by Date: Re: [TLS] simplistic renego protection
Previous by thread: Re: [TLS] TLS Protocol Version
Next by thread: Re: [TLS] TLS Protocol Version
Index(es):
- Date
- Thread

Re: [TLS] TLS Protocol Version

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.