Re: [Cfrg] How to circumvent the obstacles for PAKE integration into TLS // slides.

Hannes Tschofenig <Hannes.Tschofenig@arm.com> Wed, 07 August 2019 12:15 UTC

Return-Path: <Hannes.Tschofenig@arm.com>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1C986120090 for <cfrg@ietfa.amsl.com>; Wed, 7 Aug 2019 05:15:36 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level:
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=armh.onmicrosoft.com header.b=NA91QiPU; dkim=fail (1024-bit key) reason="fail (body has been altered)" header.d=armh.onmicrosoft.com header.b=Mqd5wpza
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0vE0pXprisWW for <cfrg@ietfa.amsl.com>; Wed, 7 Aug 2019 05:15:32 -0700 (PDT)
Received: from EUR04-VI1-obe.outbound.protection.outlook.com (mail-eopbgr80078.outbound.protection.outlook.com [40.107.8.78]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D2BD512001B for <cfrg@irtf.org>; Wed, 7 Aug 2019 05:15:31 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=armh.onmicrosoft.com; s=selector2-armh-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=NJuAC6HHD227H4X9airql9u1KN8fnjLSCOMRDxqNM2Y=; b=NA91QiPUz5ng+wI7W+Xtkv4ddKBBZye2qHa9XQBgU38MTVlxL3Ds5rgDhbp/0NozoNRaNfCFTtuktQPpi1xLFTHPdqnSpwPpb4E90VCqdxNJV5Bxl2vkYTgB9sKm91ZN8s4ZOs3qcKL144DXfkWKmx1M6agYJifZJrPKgfkQDPw=
Received: from AM4PR08CA0066.eurprd08.prod.outlook.com (2603:10a6:205:2::37) by HE1PR0801MB1851.eurprd08.prod.outlook.com (2603:10a6:3:7b::12) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2136.17; Wed, 7 Aug 2019 12:15:27 +0000
Received: from DB5EUR03FT003.eop-EUR03.prod.protection.outlook.com (2a01:111:f400:7e0a::206) by AM4PR08CA0066.outlook.office365.com (2603:10a6:205:2::37) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384) id 15.20.2157.16 via Frontend Transport; Wed, 7 Aug 2019 12:15:26 +0000
Authentication-Results: spf=temperror (sender IP is 63.35.35.123) smtp.mailfrom=arm.com; irtf.org; dkim=pass (signature was verified) header.d=armh.onmicrosoft.com;irtf.org; dmarc=temperror action=none header.from=arm.com;
Received-SPF: TempError (protection.outlook.com: error in processing during lookup of arm.com: DNS Timeout)
Received: from 64aa7808-outbound-1.mta.getcheckrecipient.com (63.35.35.123) by DB5EUR03FT003.mail.protection.outlook.com (10.152.20.157) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384) id 15.20.2052.18 via Frontend Transport; Wed, 7 Aug 2019 12:15:26 +0000
Received: ("Tessian outbound 6d016ca6b65d:v26"); Wed, 07 Aug 2019 12:15:23 +0000
X-CR-MTA-TID: 64aa7808
Received: from d93c0c60f8fc.1 (ip-172-16-0-2.eu-west-1.compute.internal [104.47.13.51]) by 64aa7808-outbound-1.mta.getcheckrecipient.com id 49EB6C02-D427-4521-9899-3C1DDC841B96.1; Wed, 07 Aug 2019 12:15:18 +0000
Received: from EUR04-HE1-obe.outbound.protection.outlook.com (mail-he1eur04lp2051.outbound.protection.outlook.com [104.47.13.51]) by 64aa7808-outbound-1.mta.getcheckrecipient.com with ESMTPS id d93c0c60f8fc.1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384); Wed, 07 Aug 2019 12:15:18 +0000
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=mhI5YuDxX3kXTZoos67Nsa7aNPVVbITB42Q02JQoklVwlnOdCynLkzT5Cyehz6aHd26b0rAz5LI2PkRpyfK0aFQLvtrHjx2v8F5xzxnpWvkrcp6eU3wVA9MM65Rh32EO5cwxL4l3HWySYOwSAsADVBxjV+o5CVKA9RWFesa4DtNdbZAOsFo5Ev5lPEtW8lMB+hit+x50k0XrLBobH0GgRTmDGysgFHCuSNQEn2MR8aWR36t27VlCt7VTTE6SQ16bPY/3AJHp9V/hS/NokQW30oiOHfxeRzThOjwz+O2ccu1bkFfc0tZ8EwQ+kkGHud8g/vtipz5ZiKXboA4e59o93A==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=Hok/ZXi/pg9pHTTbnkLiDejh+gTbqSSU9Z43YGXNx9c=; b=HMOsD6QStdgEMT+rpv+1Tc4d6TpHlGF1X/+IFZjQahnx4N3La3KbzkDKqSOIkOUfoK+O05o0JxAlUkGwFOHS0MtRPCM4EVfCOo0k9Bla4cq6U7zXJWZPdyojxM9BrN0Tqv6hUazVaiiPaN1mOGaFmSejytRD63C2Bba48vM8dKEasoaPME40yNg/M7GPyVUGsC6WJ/ttv3LsU0zAbwH9pz8q5StVlPhlLIiWV6gAje1yTixKxEpkwfkC2OVC+pfDv7Q4x5PSA+KM4U/iN3PofC8GeWBSrm/6FaGsfsjP/q+5h/n23j2o1sE6zanussRdqe4Rdzis1eHbmMMEZw+P0Q==
ARC-Authentication-Results: i=1; mx.microsoft.com 1;spf=pass smtp.mailfrom=arm.com;dmarc=pass action=none header.from=arm.com;dkim=pass header.d=arm.com;arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=armh.onmicrosoft.com; s=selector2-armh-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=Hok/ZXi/pg9pHTTbnkLiDejh+gTbqSSU9Z43YGXNx9c=; b=Mqd5wpzabEPRPciGjM865n9/5i9y6G8AhFUyTXwy+sOJ47haG9Q+cTJsobUHp5YAUkk7ksbYG8pabzzfKewWKR92EGccO2i3t/+qvJSTchAQgqhMiEYSnjVceUfkyqVQmSzDuvSN6R+aygylib0H9aY25oxr2Y6u/QSPJLT4Pcc=
Received: from AM0PR08MB5345.eurprd08.prod.outlook.com (52.132.212.135) by AM0PR08MB3697.eurprd08.prod.outlook.com (20.178.23.20) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2136.14; Wed, 7 Aug 2019 12:15:16 +0000
Received: from AM0PR08MB5345.eurprd08.prod.outlook.com ([fe80::7532:a9e4:63b6:6a55]) by AM0PR08MB5345.eurprd08.prod.outlook.com ([fe80::7532:a9e4:63b6:6a55%4]) with mapi id 15.20.2136.018; Wed, 7 Aug 2019 12:15:16 +0000
From: Hannes Tschofenig <Hannes.Tschofenig@arm.com>
To: Jonathan Trostle <jonattr@gmail.com>, "Owen Friel (ofriel)" <ofriel@cisco.com>
CC: =?utf-8?B?QmrDtnJuIEhhYXNl?= <bjoern.haase@endress.com>, CFRG <cfrg@irtf.org>, "hugokraw@gmail.com" <hugokraw@gmail.com>
Thread-Topic: [Cfrg] How to circumvent the obstacles for PAKE integration into TLS // slides.
Thread-Index: AdU/0zW0G1cDrJm7THCybJ0GtxuGUAAGmVwAAEhbfIAABYhggAARP7zQAtugoAAAEBl6UA==
Date: Wed, 7 Aug 2019 12:15:16 +0000
Message-ID: <AM0PR08MB5345FC99B3EABBBF6EFD2353FAD40@AM0PR08MB5345.eurprd08.prod.outlook.com>
References: <VI1PR0501MB225515FC68BD4CBF7C6F904E83C50@VI1PR0501MB2255.eurprd05.prod.outlook.com> <CACsn0ck3AhxHeu6=vAf9CMNLJcjkC59jhWDdGD-RP03DNqCfXA@mail.gmail.com> <20190723042811.GL99187@kduck.mit.edu> <VI1PR0501MB225501B52DC40DC41E6D590683C70@VI1PR0501MB2255.eurprd05.prod.outlook.com> <DM6PR11MB33855C114392B1A400D4C0B2DBC70@DM6PR11MB3385.namprd11.prod.outlook.com> <CAB+1-SckMT6oSJPbuM4fvWqC+8vGVUSYg-qTMt+i4EHBbbn64A@mail.gmail.com>
In-Reply-To: <CAB+1-SckMT6oSJPbuM4fvWqC+8vGVUSYg-qTMt+i4EHBbbn64A@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ts-tracking-id: 00407668-c4c1-496a-af48-ade8d9b263c5.1
x-checkrecipientchecked: true
Authentication-Results-Original: spf=none (sender IP is ) smtp.mailfrom=Hannes.Tschofenig@arm.com;
x-originating-ip: [80.92.121.27]
x-ms-publictraffictype: Email
X-MS-Office365-Filtering-Correlation-Id: c75b163f-3db6-4e0d-e359-08d71b30edfa
X-MS-Office365-Filtering-HT: Tenant
X-Microsoft-Antispam-Untrusted: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600148)(711020)(4605104)(1401327)(4618075)(2017052603328)(7193020); SRVR:AM0PR08MB3697;
X-MS-TrafficTypeDiagnostic: AM0PR08MB3697:|HE1PR0801MB1851:
X-MS-Exchange-PUrlCount: 7
X-Microsoft-Antispam-PRVS: <HE1PR0801MB18513D860AB4EBC7CCB90D32FAD40@HE1PR0801MB1851.eurprd08.prod.outlook.com>
x-checkrecipientrouted: true
x-ms-oob-tlc-oobclassifiers: OLM:10000;OLM:10000;
x-forefront-prvs: 01221E3973
X-Forefront-Antispam-Report-Untrusted: SFV:NSPM; SFS:(10009020)(4636009)(136003)(396003)(376002)(39860400002)(346002)(366004)(13464003)(189003)(199004)(51444003)(26234003)(9686003)(790700001)(6116002)(3846002)(25786009)(6436002)(53546011)(6506007)(54906003)(229853002)(966005)(26005)(478600001)(2906002)(68736007)(53386004)(236005)(86362001)(6306002)(486006)(476003)(53936002)(76176011)(606006)(14454004)(102836004)(54896002)(6246003)(446003)(55016002)(4326008)(99286004)(74316002)(11346002)(186003)(64756008)(76116006)(66946007)(7696005)(81166006)(81156014)(8676002)(8936002)(66446008)(66476007)(256004)(14444005)(52536014)(5660300002)(7736002)(66066001)(33656002)(66556008)(110136005)(71200400001)(71190400001)(66574012)(316002); DIR:OUT; SFP:1101; SCL:1; SRVR:AM0PR08MB3697; H:AM0PR08MB5345.eurprd08.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1;
received-spf: None (protection.outlook.com: arm.com does not designate permitted sender hosts)
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam-Message-Info-Original: qng8gNRTv/lkG134UjS0G1vYmBcnv4gwgKraRCWFyy8/jsGJ5QigHwQawPMJ4BtHn1yTtk6mi5Tby4Di5cN/54uQr+zXSeLeE4rZGfHhs2gMVf877svHTV+nkLvZ45NsHsrnYYUHLeSXpDG8Z92HsR+0dysSi8ZJJU78Kmut4Nq/zh7vYPqRIjTSNoYoJk7gKBIBQ+mBTZ1VCWTkKhyq25rT4Ht/xcOCwk8RrUl0mK90B7NaKCvBYHh/F/oHlV0O0pYwawvB+QtboTWn9GBsMl1mPa0Wig1a8EX9CUGL8OvLmEJ+Rex1Hlm+y1ZWjGFlLxzJTkmN6GoByKTsjP/iBCars57EBYGO9ct+Ez+RG5h0JqJFO07EkAFDg+4sxGTYpSoM07GvkKkvQtB/dWQ7Sjppt3XSUt6ui2036O/tbQ8=
Content-Type: multipart/alternative; boundary="_000_AM0PR08MB5345FC99B3EABBBF6EFD2353FAD40AM0PR08MB5345eurp_"
MIME-Version: 1.0
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM0PR08MB3697
Original-Authentication-Results: spf=none (sender IP is ) smtp.mailfrom=Hannes.Tschofenig@arm.com;
X-EOPAttributedMessage: 0
X-MS-Exchange-Transport-CrossTenantHeadersStripped: DB5EUR03FT003.eop-EUR03.prod.protection.outlook.com
X-Forefront-Antispam-Report: =?us-ascii?Q?CIP:63.35.35.123; IPV:CAL; SCL:-1; CTRY:IE; EFV:NLI; SFV:NSPM; SFS?= =?us-ascii?Q?:(10009020)(4636009)(346002)(376002)(136003)(39860400002)(39?= =?us-ascii?Q?6003)(2980300002)(51444003)(26234003)(13464003)(189003)(4043?= =?us-ascii?Q?4004)(199004)(6506007)(99286004)(86362001)(186003)(7696005)(?= =?us-ascii?Q?14454004)(33656002)(3846002)(5660300002)(16586007)(790700001?= =?us-ascii?Q?)(22756006)(6246003)(66574012)(316002)(7736002)(102836004)(9?= =?us-ascii?Q?66005)(606006)(76176011)(8936002)(53546011)(53386004)(107886?= =?us-ascii?Q?003)(26826003)(74316002)(6116002)(478600001)(110136005)(5490?= =?us-ascii?Q?6003)(33964004)(26005)(55016002)(8676002)(61614004)(81156014?= =?us-ascii?Q?)(81166006)(2906002)(54896002)(236005)(4326008)(9686003)(660?= =?us-ascii?Q?66001)(25786009)(476003)(15974865002)(229853002)(71190400001?= =?us-ascii?Q?)(336012)(70586007)(486006)(70206006)(126002)(63370400001)(4?= =?us-ascii?Q?46003)(5024004)(11346002)(6306002)(52536014)(30864003)(35600?= =?us-ascii?Q?4)(14444005)(76130400001)(63350400001);DIR:OUT;SFP:1101;SCL:?= =?us-ascii?Q?1;SRVR:HE1PR0801MB1851;H:64aa7808-outbound-1.mta.getcheckrec?= =?us-ascii?Q?ipient.com;FPR:;SPF:TempError;LANG:en;PTR:ec2-63-35-35-123.e?= =?us-ascii?Q?u-west-1.compute.amazonaws.com;MX:1;A:1;?=
X-MS-Office365-Filtering-Correlation-Id-Prvs: 6e17663f-143b-458b-306a-08d71b30e86e
X-Microsoft-Antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600148)(710020)(711020)(4605104)(1401327)(2017052603328)(7193020); SRVR:HE1PR0801MB1851;
X-Forefront-PRVS: 01221E3973
X-Microsoft-Antispam-Message-Info: OTpWBo3iyuQ48lvTbooQVKioux7hIN9lnNJvMKA/o7EKxgEuvlFBGd13g4GeUfL85bQIn/2qcKc5WVgEUiymBoeppq1984CCsaBXRARUaxzh+6KO/386Zi+/oUN4vG/JuuScBCihmjK/HF6K2LXrXoDIWvbqkTPqwZwoxmHuLnUlm/x9yE6y6OtOTNJ6Q3CY3BPlIIm7tqsaqUqgbews0632YZVj74Ed2lhUJrmHuepO25gCmA7Z0sWhCAtAQCdT0MA0h8z1MPTGPP5YuAjdR/kFB2E9IaDJ/nlxgRK6MOXbuXcBa5Y7I0wDEq6kjSc7Wzv23wPNG8U3PpH19eR7XemuFxU7bPVCCO919BJZs+/NBY2F0agVN9VMN5WMsznIpemqit8BXw5qsPtwiJDYfq1h/M5w9hZ6H+lX18MFRLA=
X-OriginatorOrg: arm.com
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 07 Aug 2019 12:15:26.0536 (UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id: c75b163f-3db6-4e0d-e359-08d71b30edfa
X-MS-Exchange-CrossTenant-Id: f34e5979-57d9-4aaa-ad4d-b122a662184d
X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=f34e5979-57d9-4aaa-ad4d-b122a662184d; Ip=[63.35.35.123]; Helo=[64aa7808-outbound-1.mta.getcheckrecipient.com]
X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem
X-MS-Exchange-Transport-CrossTenantHeadersStamped: HE1PR0801MB1851
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/u76WBLyRJFAnZ9ncXNIear8DOaY>
Subject: Re: [Cfrg] How to circumvent the obstacles for PAKE integration into TLS // slides.
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Wed, 07 Aug 2019 12:15:36 -0000

Here are my 5 cents:

I don’t expect PAKEs to be used for web-based scenarios as a replacement for passwords used in web-based applications.
Instead, the only use of PAKEs I had seen over the last few years was in the area of IoT as part of onboarding mechanisms.

Unless those folks developing browsers tell me that they want to put PAKEs into their browsers I would focus on the IoT use cases instead. The reason why I am saying this is because FIDO, which also tackles the password problem, looks like a much, much more promising route…

Ciao
Hannes

From: Cfrg <cfrg-bounces@irtf.org>; On Behalf Of Jonathan Trostle
Sent: Mittwoch, 7. August 2019 06:29
To: Owen Friel (ofriel) <ofriel@cisco.com>;
Cc: Björn Haase <bjoern.haase@endress.com>;; CFRG <cfrg@irtf.org>;; hugokraw@gmail.com
Subject: Re: [Cfrg] How to circumvent the obstacles for PAKE integration into TLS // slides.

A good future goal is to eliminate plaintext passwords being sent over TLS.

So a future TLS implementation based on a config setting, could abort a TLS handshake if there is no preshared key authentication or certificate verify sent by the client. It seems the OPAQUE-sign option (in the TLS Opaque draft) supports this but the Exported Authenticators do not.

It seems difficult for a TLS client to know which of Exported Authenticators with OPAQUE or plaintext password over TLS is being used.

Best regards,
Jonathan

On Tue, Jul 23, 2019 at 8:29 AM Owen Friel (ofriel) <ofriel@cisco.com<mailto:ofriel@cisco.com>> wrote:
Björn,

Its worth reading https://datatracker.ietf..org/doc/draft-sullivan-tls-opaque<https://datatracker.ietf.org/doc/draft-sullivan-tls-opaque>  which Nick presented at 104: https://datatracker.ietf.org/meeting/104/materials/slides-104-tls-slides-ietf104-tls-opaque-00. It covers both OPAQUE in the TLS handshake, and OPAQUE via Exported Authenticators https://datatracker.ietf.org/doc/draft-ietf-tls-exported-authenticator/ at some point after TLS handshake has taken place. Its currently OPAQUE specific, but the EA model could probably be applied to other PAKEs. And finally, https://datatracker.ietf..org/doc/draft-ietf-httpbis-http2-secondary-certs/<https://datatracker.ietf.org/doc/draft-ietf-httpbis-http2-secondary-certs/> covers how to use EA with HTTP2.

Owen

-----Original Message-----
From: Cfrg <cfrg-bounces@irtf.org<mailto:cfrg-bounces@irtf.org>> On Behalf Of Björn Haase
Sent: 23 July 2019 08:43
To: Benjamin Kaduk <kaduk@mit.edu<mailto:kaduk@mit.edu>>; Watson Ladd <watsonbladd@gmail.com<mailto:watsonbladd@gmail.com>>
Cc: CFRG <cfrg@irtf.org<mailto:cfrg@irtf.org>>; hugokraw@gmail.com<mailto:hugokraw@gmail.com>
Subject: Re: [Cfrg] How to circumvent the obstacles for PAKE integration into TLS // slides.

Dear Ben,

>To build on that, a big motivation for wanting auth at the HTTP layer
>is that most generic web servers aren't going to know *at TLS handshake
>time* whether a given client is going to need to authenticate for the
>HTTP requests that will subsequently be conveyed over that connection.

I fully agree. When saying this, I think that we might better be careful not to mix-up two aspects:

1) The human at the client side mostly wants to be sure that the server side contents are authentic, from the very beginning.
2) The server side requires authentication often only when operations with privileges are requested.

What we have here is something similar to what I'd be calling "re-authentication use-case" for password checks in a connection that is already established.

Moreover I see differences regarding the use-cases A  "End-customer-managed web servers (IoT)" and  B "Conventional Web-Shop use-cases (Web-PKI)". The main additional benefit of PAKE for use-case A is that the server-authentication (1.) above) is provided also without the need of Web-PKI integration of the server.

I think that one might best try to realize the maximum possible re-use for authentication mechanisms in both use-cases A/B. Again this might be a reason for "outsourcing" all of the user-handling related stuff outside of the main TLS body. Also for use case "B" it might be worth to consider pulling out the password handling out from the main html application. Maybe one could use the same mechanisms of a "user authentication" module that we would be using for PAKE? For doing so again some kind of channel-linked tunnel mechanism through TLS might be helpful/necessary.

Yours,

Björn.

P.S.: I have moved this discussion back to the main list. Sorry for starting this discussion with the "not yet publication-ready" slides.


Mit freundlichen Grüßen I Best Regards

Dr. Björn Haase

Senior Expert Electronics | TGREH Electronics Hardware
Endress+Hauser Conducta GmbH+Co.KG | Dieselstrasse 24 | 70839 Gerlingen
Endress+| Germany
Phone: +49 7156 209 377 | Fax: +49 7156 209 221 bjoern.haase@endress.com<mailto:bjoern.haase@endress.com> |  www.conducta.endress.com<http://www.conducta.endress.com>



Endress+Hauser Conducta GmbH+Co.KG
Amtsgericht Stuttgart HRA 201908
Sitz der Gesellschaft: Gerlingen
Persönlich haftende Gesellschafterin:
Endress+Hauser Conducta Verwaltungsgesellschaft mbH
Sitz der Gesellschaft: Gerlingen
Amtsgericht Stuttgart HRA 201929
Geschäftsführer: Dr. Manfred Jagiella


Gemäss Datenschutzgrundverordnung sind wir verpflichtet, Sie zu informieren, wenn wir personenbezogene Daten von Ihnen erheben.
Dieser Informationspflicht kommen wir mit folgendem Datenschutzhinweis (https://www.endress.com/de/cookies-endress+hauser-website) nach.



Disclaimer:

The information transmitted is intended only for the person or entity to which it is addressed and may contain confidential, proprietary, and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited. If you receive this in error, please contact the sender and delete the material from any computer. This e-mail does not constitute a contract offer, a contract amendment, or an acceptance of a contract offer unless explicitly and conspicuously designated or stated as such.

_______________________________________________
Cfrg mailing list
Cfrg@irtf.org<mailto:Cfrg@irtf.org>
https://www.irtf.org/mailman/listinfo/cfrg
_______________________________________________
Cfrg mailing list
Cfrg@irtf.org<mailto:Cfrg@irtf.org>
https://www.irtf.org/mailman/listinfo/cfrg
IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.