Re: [TLS] Please discuss: draft-housley-evidence-extns-00

[Russ Housley <housley@xxxxxxxxxxxx>]

Right, it is persistent, which is not normally a requirement of 
authentication schemes.  However, the point is to focus on the 
properties of the proposed mechanism and see if there is a community 
that would make use of them.

Russ

At 12:32 PM 1/8/2007, Eric Rescorla wrote:
> "Kemp, David P." <DPKemp@xxxxxxxxxxxxxx> writes:
> > Note that:
> > "the crap with the digital signatures is entirely
> > unnecessary for technical analysis."
> > is entirely correct.  But Danvers is a non-sequitur.
> >
> > Ignoring lawyers, non-repudiation, and protocol
> > analysis, the question remains: is there any benefit
> > to providing data origin authentication at the TLS
> > layer?
>
> I don't think "data origin authentication" is the right term
> here, since TLS *does* provide data origin authentication. The
> client knows who he's talking to. What it doesn't provide is
> third party proof of data origin authentication and more importantly
> of message contents.
>
> -Ekr
>
> _______________________________________________
> TLS mailing list
> TLS@xxxxxxxxxxxxxx
> https://www1.ietf.org/mailman/listinfo/tls


_______________________________________________
TLS mailing list
TLS@xxxxxxxxxxxxxx
https://www1.ietf.org/mailman/listinfo/tls