Re: [TLS] Should TLS 1.3 use an augmented PAKE by default?
Yaron Sheffer <yaronf.ietf@gmail.com> Fri, 21 March 2014 20:24 UTC
Return-Path: <yaronf.ietf@gmail.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 982D51A09F5 for <tls@ietfa.amsl.com>; Fri, 21 Mar 2014 13:24:55 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.23
X-Spam-Level:
X-Spam-Status: No, score=-1.23 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_SORBS_WEB=0.77, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 5_mFp2txsnp0 for <tls@ietfa.amsl.com>; Fri, 21 Mar 2014 13:24:54 -0700 (PDT)
Received: from mail-ee0-x22a.google.com (mail-ee0-x22a.google.com [IPv6:2a00:1450:4013:c00::22a]) by ietfa.amsl.com (Postfix) with ESMTP id 2F13B1A08FA for <tls@ietf.org>; Fri, 21 Mar 2014 13:24:54 -0700 (PDT)
Received: by mail-ee0-f42.google.com with SMTP id d17so2223338eek.29 for <tls@ietf.org>; Fri, 21 Mar 2014 13:24:44 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=message-id:date:from:user-agent:mime-version:to:cc:subject :references:in-reply-to:content-type:content-transfer-encoding; bh=csKKfB3Y4TaL4K3xqEJMWwe3cD3wEiquneppjV23fhA=; b=VAcg3ms65S73/dGlnc6pvjABs5sArFaPpMVU3+j0JQN3WARYBcmHPiRsQnZV+Cc4fE yofQhtlxLsraKp4PRGs/PMuzKWhZMrIO+1x4qKYkRCwClOcM8h1kCwAazWP1q9J8C6f1 J/ObMxXx6SCY8cD6hdFb6CP65qCZ87WqxvXsZMkvKThuNNqZmzEt0mI9r2qk6/aCpE/8 FbfSbVsp4DAY+zZ8qPpdz8UJYF5qt1R0fzyCDFU5yfxtDGxVw8DuKzoW/zTbI8KJCHrS qwZReSChPDIPZQbPw8/GZyALT1S0WC50ZgJhzAG0x9U87fL/Dfue9nloObxD0UKQV1uC 1Rbw==
X-Received: by 10.15.73.134 with SMTP id h6mr31614473eey.3.1395433484369; Fri, 21 Mar 2014 13:24:44 -0700 (PDT)
Received: from [10.0.0.1] (bzq-79-179-48-141.red.bezeqint.net. [79.179.48.141]) by mx.google.com with ESMTPSA id bc51sm13944046eeb.22.2014.03.21.13.24.43 for <multiple recipients> (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Fri, 21 Mar 2014 13:24:43 -0700 (PDT)
Message-ID: <532CA00A.6070407@gmail.com>
Date: Fri, 21 Mar 2014 22:24:42 +0200
From: Yaron Sheffer <yaronf.ietf@gmail.com>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.3.0
MIME-Version: 1.0
To: Yoav Nir <ynir.ietf@gmail.com>, Paul Hoffman <paul.hoffman@vpnc.org>
References: <53288C43.9010205@mit.edu> <5328B6DF.8070703@fifthhorseman.net> <5328C0C8.9060403@mit.edu> <6b79e0820d349720f12b14d4706a8a5d.squirrel@webmail.dreamhost.com> <CALCETrUz8zCBHiq42GTnkkSaBcpA5pjSvk6kwwPjzn+MtBKMgA@mail.gmail.com> <e38419e3ada3233dbb3f860048703347.squirrel@webmail.dreamhost.com> <CALCETrVgJxfdCxZqc9ttHHNKHm-hdtGbqzHvsQ-6yd5BK=9PDw@mail.gmail.com> <67BAC033-2E23-4F03-A4D9-47875350E6B5@gmail.com> <532B0EAA.5040104@fifthhorseman.net> <8D8698DF-5C06-4F2A-8994-E0A36A987D6D@vpnc.org> <A262CD25-DD20-48A1-B74D-B0238581A419@gmail.com>
In-Reply-To: <A262CD25-DD20-48A1-B74D-B0238581A419@gmail.com>
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: 8bit
Archived-At: http://mailarchive.ietf.org/arch/msg/tls/0rJSaZyPYJNebZQ_qh_AAksOCDg
Cc: "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] Should TLS 1.3 use an augmented PAKE by default?
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 21 Mar 2014 20:24:56 -0000
> Huh. I was about to reply “you, me, Andy, and what army?” > > Seriously, we can’t establish a new norm in any forum that does not include web designers and UX people. Somewhere there are people who design the UX for people browsing Facebook, Gmail, my bank, Amazon and some web store selling dog food over the Internet. They get to decide what technology goes into the web site, and unfortunately none of them attend the meetings of any of the groups you mentioned. In fact, they don’t follow any IETF group, so we can’t even invite them all to a BoF. > > Given that, I don’t think any value of “we” that belongs to the IETF can establish any norms. I wish this was different. > > Yoav > There is a (small) discipline of "security usability". For example, see [1]. Some things that we do have a lot to do with usability, and I think it's time we engaged with that community. "We" here is the SAAG community. This applies to PAKE, browser "padlocks" and phishing. I think this also applies that which shall remain unnamed, but some people call OE, and some other people hate them for that. Thanks, Yaron [1] https://cups.cs.cmu.edu/soups/2014/
- [TLS] Should TLS 1.3 use an augmented PAKE by def… Andy Lutomirski
- Re: [TLS] Should TLS 1.3 use an augmented PAKE by… Daniel Kahn Gillmor
- Re: [TLS] Should TLS 1.3 use an augmented PAKE by… Andy Lutomirski
- Re: [TLS] Should TLS 1.3 use an augmented PAKE by… Ryan Sleevi
- Re: [TLS] Should TLS 1.3 use an augmented PAKE by… Andy Lutomirski
- Re: [TLS] Should TLS 1.3 use an augmented PAKE by… Andy Lutomirski
- Re: [TLS] Should TLS 1.3 use an augmented PAKE by… Ryan Sleevi
- Re: [TLS] Should TLS 1.3 use an augmented PAKE by… Anders Rundgren
- Re: [TLS] Should TLS 1.3 use an augmented PAKE by… Ryan Sleevi
- Re: [TLS] Should TLS 1.3 use an augmented PAKE by… Peter Sylvester
- Re: [TLS] Should TLS 1.3 use an augmented PAKE by… Andy Lutomirski
- Re: [TLS] Should TLS 1.3 use an augmented PAKE by… Andy Lutomirski
- Re: [TLS] Should TLS 1.3 use an augmented PAKE by… Yoav Nir
- Re: [TLS] Should TLS 1.3 use an augmented PAKE by… Daniel Kahn Gillmor
- Re: [TLS] Should TLS 1.3 use an augmented PAKE by… Paul Hoffman
- Re: [TLS] Should TLS 1.3 use an augmented PAKE by… Yoav Nir
- Re: [TLS] Should TLS 1.3 use an augmented PAKE by… Daniel Kahn Gillmor
- Re: [TLS] Should TLS 1.3 use an augmented PAKE by… Robert Cragie
- [TLS] bootstrapping of constrained devices (was: … Rene Struik
- Re: [TLS] bootstrapping of constrained devices Anders Rundgren
- Re: [TLS] bootstrapping of constrained devices (w… Michael Sweet
- Re: [TLS] bootstrapping of constrained devices (w… t.petch
- Re: [TLS] bootstrapping of constrained devices (w… Michael Sweet
- Re: [TLS] bootstrapping of constrained devices Anders Rundgren
- Re: [TLS] bootstrapping of constrained devices (w… Max Pritikin (pritikin)
- Re: [TLS] bootstrapping of constrained devices (w… Don Sturek
- Re: [TLS] bootstrapping of constrained devices Robert Cragie
- Re: [TLS] bootstrapping of constrained devices Watson Ladd
- Re: [TLS] bootstrapping of constrained devices Paterson, Kenny
- Re: [TLS] bootstrapping of constrained devices Feng Hao
- Re: [TLS] bootstrapping of constrained devices Paterson, Kenny
- Re: [TLS] Should TLS 1.3 use an augmented PAKE by… Yaron Sheffer
- Re: [TLS] Should TLS 1.3 use an augmented PAKE by… Yaron Sheffer
- Re: [TLS] bootstrapping of constrained devices Feng Hao
- Re: [TLS] bootstrapping of constrained devices Dan Harkins