[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: New work for sacred working group?

To: pgut001@xxxxxxxxxxxxxxxxx, stephen.farrell@xxxxxxxxx
Subject: Re: New work for sacred working group?
From: pgut001@xxxxxxxxxxxxxxxxx (Peter Gutmann)
Date: Tue, 28 Jun 2005 16:46:39 +1200
Cc: ietf-sacred@xxxxxxx, jas@xxxxxxxxxxx, magnus@xxxxxxxxxxxxxxx
In-reply-to: <>
List-archive: <http://www.imc.org/ietf-sacred/mail-archive/>
List-id: <ietf-sacred.imc.org>
List-unsubscribe: <mailto:ietf-sacred-request@imc.org?body=unsubscribe>
Sender: owner-ietf-sacred@xxxxxxxxxxxx

Stephen Farrell <stephen.farrell@xxxxxxxxx> writes:

>As I read it, that works by basically appending a (hashed?) password to a D-H
>derived key (with some length fields) and using the resulting value as the
>TLS pre-master key. Presumably the handshake falls over at the finished
>message if the wrong password was used.

Yup.  Or you can use RSA (without the heavyweight DH on the client-side), or
just a plain shared key.

>I'll have to read that I-D again and think about whether it really is better
>than the current sacred scheme

Well, I don't know about technically better, but it does more or less the same
job, it's unencumbered, and it's tuneable for low-powered devices.  It's most
importantly property however is that it's a TLS standards-track mechanism,
which means that it actually exists (i.e. it's implemented and eventually,
it's hoped, widely deployed).

Peter.

Follow-Ups:
- Re: New work for sacred working group?
  - From: Magnus Nystrom

References:
- Re: New work for sacred working group?
  - From: Stephen Farrell

Prev by Date: Re: New work for sacred working group?
Next by Date: Re: New work for sacred working group?
Previous by thread: Re: New work for sacred working group?
Next by thread: Re: New work for sacred working group?
Index(es):
- Date
- Thread