Re: [TLS] WGLC for draft-ietf-tls-oob-pubkey-03.txt
Paul Wouters <paul@nohats.ca> Thu, 26 April 2012 17:57 UTC
Date: Thu, 26 Apr 2012 13:57:44 -0400
From: Paul Wouters <paul@nohats.ca>
To: Simon Josefsson <simon@josefsson.org>
In-Reply-To: <87pqauq4v6.fsf@latte.josefsson.org>
Message-ID: <alpine.LFD.2.02.1204261354440.6626@bofh.nohats.ca>
References: <A11FC42E-1708-4D82-8163-B14013E4B4BA@cisco.com> <87pqauq4v6.fsf@latte.josefsson.org>
Cc: tls@ietf.org
Subject: Re: [TLS] WGLC for draft-ietf-tls-oob-pubkey-03.txt
On Thu, 26 Apr 2012, Simon Josefsson wrote:

> Major concerns:
>
> 1) Sections 3.1 and 3.2 more or less duplicate sections 3.1 and 3.2 of
> RFC 6091. Wouldn't it be better to describe the RawPublicKey
> CertificateType alone, rather than duplicating the entire
> CertificateType extension?

I think you are right. This was originally done because it started as a
new TLS extension, and then also covered what has now been moved to
cached-objects.

> 2) The "Security Considerations" says that the main challenge with raw
> public keys over keys in X.509/OpenPGP is how to associate the public
> key with a specific entity. However, I believe the problem is larger
> than that, and there is a similar challenge for several other forms of
> metadata about a public key. It is not only the identity of a key that
> can have significant impact on system security. Other kinds of metadata
> (for example "do not use this public key after the year 2015") can be
> critical for secure deployments. I suggest adding a final paragraph to
> discuss this.

Sounds reasonable. Will do.

> Minor concerns:

All fixed as per your suggestions.

Paul