IETF Logo Mail Archive

Re: [TLS] Comments on TLS identity protection

<home_pw@msn.com> Sat, 30 December 2006 08:21 UTC

Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1H0ZSh-0006ux-G0; Sat, 30 Dec 2006 03:21:03 -0500
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1H0ZSg-0006rl-DD for tls@ietf.org; Sat, 30 Dec 2006 03:21:02 -0500
Received: from bay0-omc1-s1.bay0.hotmail.com ([65.54.246.73]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1H0ZSf-0008E0-4A for tls@ietf.org; Sat, 30 Dec 2006 03:21:02 -0500
Received: from hotmail.com ([65.54.174.82]) by bay0-omc1-s1.bay0.hotmail.com with Microsoft SMTPSVC(6.0.3790.2668); Sat, 30 Dec 2006 00:21:00 -0800
Received: from mail pickup service by hotmail.com with Microsoft SMTPSVC; Sat, 30 Dec 2006 00:21:00 -0800
Message-ID: <BAY103-DAV1070F66EF01D1FF19643B192C50@phx.gbl>
Received: from 69.227.152.254 by BAY103-DAV10.phx.gbl with DAV; Sat, 30 Dec 2006 08:20:55 +0000
X-Originating-IP: [69.227.152.254]
X-Originating-Email: [home_pw@msn.com]
X-Sender: home_pw@msn.com
From: home_pw@msn.com
To: EKR <ekr@networkresonance.com>
References: <20061229215440.25C961CC37@delta.rtfm.com>
Subject: Re: [TLS] Comments on TLS identity protection
Date: Sat, 30 Dec 2006 00:21:09 -0800
MIME-Version: 1.0
Content-Type: text/plain; format="flowed"; charset="iso-8859-1"; reply-type="original"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Windows Live Mail desktop 8.0.1223
X-MimeOLE: Produced By Microsoft MimeOLE V8.0.1223
X-OriginalArrivalTime: 30 Dec 2006 08:21:00.0524 (UTC) FILETIME=[705472C0:01C72BEB]
X-Spam-Score: 0.2 (/)
X-Scan-Signature: ea4ac80f790299f943f0a53be7e1a21a
Cc: tls@ietf.org
X-BeenThere: tls@lists.ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.lists.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@lists.ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/tls>
List-Post: <mailto:tls@lists.ietf.org>
List-Help: <mailto:tls-request@lists.ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@lists.ietf.org?subject=subscribe>
Errors-To: tls-bounces@lists.ietf.org

> <home_pw@msn.com> wrote:
>> TLS does indeed forbid the _negotiation_ of this defined
>> ciphersuite. (This is
>> why I phrased my claim in terms of SSLv3, which allows it.
> 
> Another way of looking at this is that it's a bug in the
> SSLv3 spec that was fixed in TLS. Are you aware of any
> implementation that in fact allows you to negotiate this
> cipher suite?

I see no reason to see why one should not evaluate EAP-TLS as being
other containing a valid TLS protocol run. While RFC 2716 is marked
experimental, I see no non-standard uses of TLS. The custom
key derivation is in the EAP-TLS layer, assumes access
to the master_secret and nonces in much the same way as NSA/Eric are
proposing in current standards work on PRFs, here. The derivation
is not part of the SSL security state.

So, upon change cipher spec selecting the null ciphersuite, 
we know this has no impact on the EAP-TLS key derivation
for the per-connection keys/ivs/secrets. It does
however set the mechanism requirements for the PPP 
peer, when then negotiating ECP - if required.

So, when EAP-TLS simply do mutual auth, not requiring
any ECP SA session keys, do folks negotiate the NULL ciphersuite, or
do they negotiate the RSA ciphersuite and then just ignore the rule
carrying forward the TLS Connection state to the ECP state?
 

_______________________________________________
TLS mailing list
TLS@lists.ietf.org
https://www1.ietf.org/mailman/listinfo/tls

v2.23.0 | Report a Bug | By Email