[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [TLS] Re: NIST TLS recomendations

To: Peter Gutmann <pgut001@xxxxxxxxxxxxxxxxx>
Subject: Re: [TLS] Re: NIST TLS recomendations
From: Bodo Moeller <bmoeller@xxxxxxx>
Date: Thu, 2 Nov 2006 11:29:52 +0100
Cc: tls@xxxxxxxxxxxxxx, jas@xxxxxxxxxxx
In-reply-to: <E1GfZJl-0006FB-00@xxxxxxxxxxxxxxxxxxxxxxxxxx>
List-archive: <http://www1.ietf.org/pipermail/tls>
List-help: <mailto:tls-request@lists.ietf.org?subject=help>
List-id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.lists.ietf.org>
List-post: <mailto:tls@lists.ietf.org>
List-subscribe: <https://www1.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@lists.ietf.org?subject=subscribe>
List-unsubscribe: <https://www1.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@lists.ietf.org?subject=unsubscribe>
References: <20061102084802.GA3760@xxxxxxxxxxx> <E1GfZJl-0006FB-00@xxxxxxxxxxxxxxxxxxxxxxxxxx>
User-agent: Mutt/1.5.9i

On Thu, Nov 02, 2006 at 10:57:01PM +1300, Peter Gutmann wrote:
> Bodo Moeller <bmoeller@xxxxxxx> writes:

>>   Note that using non-anonymous key exchange but not verifying the
>>   certificate is essentially equivalent to anonymous key exchange,
>>   and the same precautions apply.  While non-anonymous key exchange
>>   will generally involve a higher computational and communicational
>>   cost than anonymous key exchange, it may be in the interest of
>>   interoperability not to disable non-anonymous key exchange when the
>>   application layer is allowing anonymous key exchange.

> OK, that gets my grunt of approval :-).  However, I've just thought of another
> issue, is it worth noting the special case of a potential DH_anon with TLS-
> PSK?  Currently there are no DH_anon_PSK suites defined, but it would seem
> that one of the goals of TLS-PSK (operation on low-powered devices) would be
> met by DH_anon_PSK, since the PSK avoids the need for the unnecessary cert
> verification.  [...]

Hm, aren't you just describing the DHE_PSK ciphersuites from RFC 4279?
If they are different from what you are thinking of, what is the
difference?

Bodo


_______________________________________________
TLS mailing list
TLS@xxxxxxxxxxxxxx
https://www1.ietf.org/mailman/listinfo/tls

References:
- Re: [TLS] Re: NIST TLS recomendations
  - From: Bodo Moeller
- Re: [TLS] Re: NIST TLS recomendations
  - From: Peter Gutmann

Prev by Date: Re: [TLS] Re: NIST TLS recomendations
Next by Date: RE: [TLS] Re: NIST TLS recomendations
Previous by thread: Re: [TLS] Re: NIST TLS recomendations
Next by thread: RE: [TLS] Re: NIST TLS recomendations
Index(es):
- Date
- Thread