Re: [TLS] User Defined Key Pair
"OMAR HASSAN (RIT Student)" <omh1835@rit.edu> Thu, 11 July 2013 09:42 UTC
Return-Path: <omh1835@g.rit.edu>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 906B221F9298 for <tls@ietfa.amsl.com>; Thu, 11 Jul 2013 02:42:50 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.976
X-Spam-Level:
X-Spam-Status: No, score=-2.976 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Eaol5vRfPMnW for <tls@ietfa.amsl.com>; Thu, 11 Jul 2013 02:42:45 -0700 (PDT)
Received: from sc3app27.rit.edu (sc3app27.rit.edu [129.21.35.56]) by ietfa.amsl.com (Postfix) with ESMTP id BD2E121F9263 for <tls@ietf.org>; Thu, 11 Jul 2013 02:42:45 -0700 (PDT)
Received: from mail-ie0-f176.google.com (mail-ie0-f176.google.com [209.85.223.176]) by smtp-server.rit.edu (PMDF V6.3-x14 #31420) with ESMTPS id <0MPR00K2WMYPUI@smtp-server.rit.edu> for tls@ietf.org; Thu, 11 Jul 2013 05:42:26 -0400 (EDT)
Received: by mail-ie0-f176.google.com with SMTP id ar20so17308410iec.21 for <tls@ietf.org>; Thu, 11 Jul 2013 02:42:25 -0700 (PDT)
Received: by 10.42.232.200 with HTTP; Thu, 11 Jul 2013 02:42:25 -0700 (PDT)
X-Received: by 10.50.6.16 with SMTP id w16mr13383934igw.29.1373535745820; Thu, 11 Jul 2013 02:42:25 -0700 (PDT)
X-Received: by 10.50.6.16 with SMTP id w16mr13383932igw.29.1373535745737; Thu, 11 Jul 2013 02:42:25 -0700 (PDT)
Date: Thu, 11 Jul 2013 12:42:25 +0300
From: "OMAR HASSAN (RIT Student)" <omh1835@rit.edu>
In-reply-to: <764a0c52c3800444b69cca4b5b26157c.squirrel@www.trepanning.net>
Sender: omh1835@rit.edu
To: Dan Harkins <dharkins@lounge.org>
Message-id: <CALxQUYFwZ8WyFDmCebvLyHoqsOGNBuCaEjiWhZPx0QyExWzcrw@mail.gmail.com>
MIME-version: 1.0
Content-type: multipart/alternative; boundary="047d7ba9797236198704e13936a0"
X-RIT-Received-From: 209.85.223.176
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:cc:content-type :x-gm-message-state; bh=RwL89OrcosLoczDMU43F13hyBZDRVDbPH05/Gc7X2ik=; b=PsApTpWU+UD2rxSYwoYsqT1lD0TdG4nX6evId6oATqaB6kRi3KP77XOtP5M+RCp76E kFMCpcCijdv/gmPQ2ZH0Jb6hHllitywHhOZBhn535YZssITdndyJrD5rcaVt4ldrgI+2 K1qpel1gdshmB27vOczUIIKsgnLuzjsFH8ilCt7w02AAnrXA742w0wM+kHi4wRXd7s6w YIioqBf9cPADDDOMWSdrlT/Yr3XXAyyaBEsLLOPdCbSW5PeMlRQGNZNLacn/93xnZ0YI 5FYwFi6n+7ze3Ia70z0UFskTcj1U3L/9Y2//Zl0Lq7o4TIYZUwtKCNaNIVLf6VzQGWdJ i2fA==
X-Google-Sender-Auth: 5JKMOHqwxcSr4x-L6_TmyvFxDas
X-Gm-Message-State: ALoCoQldA8TVx0U405Ie9S3IrOnoXmPIJvJjDb4u8XzG/n5ojDSnUKiI0om+9K3aVbpY8lJvGIZ2a0+Q7ApYJKNnM2HS5zG9UBjWOnGVl60BRXCc01X2/ZJpYRj0uWjUhRVuUQpofwqy
References: <CALxQUYGdagDHr+A4EKN5qPD1jZG+dH8PHwb0-fKJVUN_vC1MSg@mail.gmail.com> <2A0EFB9C05D0164E98F19BB0AF3708C711B251EE97@USMBX1.msg.corp.akamai.com> <CALxQUYGpcKPOAoZ8J56AoUGx8B3JhdmMche8MdQuqD_S=Y22ZQ@mail.gmail.com> <2A0EFB9C05D0164E98F19BB0AF3708C711B251EF0E@USMBX1.msg.corp.akamai.com> <CALxQUYF1=oFBk=WZFoey+28j7MV7YvSkAD-YzJSeQ0Dp7uXmEA@mail.gmail.com> <2A0EFB9C05D0164E98F19BB0AF3708C711B251EFFF@USMBX1.msg.corp.akamai.com> <764a0c52c3800444b69cca4b5b26157c.squirrel@www.trepanning.net>
Cc: "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] User Defined Key Pair
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 11 Jul 2013 09:42:50 -0000
Hi Dan, I had a quick look at your work item, and I have some questions: What will be the consequences if the server data has be stolen? will the attacker be able to impersonate as the user? How will the password be stored in the server initially? How will you handle TLS termination that is used many websites to centralize the related measurements and protection against the common SSL attacks in one place, and to allow the application firewalls to validate and check the incoming requests for application-level attacks such as SQL injection and cross-site scripting? Thanks On Wed, Jul 10, 2013 at 8:49 PM, Dan Harkins <dharkins@lounge.org> wrote: > > On Mon, June 24, 2013 11:34 am, Salz, Rich wrote: > [snip] > > If you are trying to avoid CA's, then why not just use self-signed > > certificates or similar like PGP? > > Or why not use a protocol that is already a work item of the > TLS working group: > > http://tools.ietf.org/html/draft-ietf-tls-pwd-00 > > Dan. > > > >
- [TLS] User Defined Key Pair OMAR HASSAN (RIT Student)
- Re: [TLS] User Defined Key Pair Salz, Rich
- Re: [TLS] User Defined Key Pair OMAR HASSAN (RIT Student)
- Re: [TLS] User Defined Key Pair Salz, Rich
- Re: [TLS] User Defined Key Pair OMAR HASSAN (RIT Student)
- Re: [TLS] User Defined Key Pair Salz, Rich
- Re: [TLS] User Defined Key Pair OMAR HASSAN (RIT Student)
- Re: [TLS] User Defined Key Pair Stephan T.
- Re: [TLS] User Defined Key Pair Juho Vähä-Herttua
- Re: [TLS] User Defined Key Pair Robert Cragie
- Re: [TLS] User Defined Key Pair Salz, Rich
- Re: [TLS] User Defined Key Pair OMAR HASSAN (RIT Student)
- Re: [TLS] User Defined Key Pair Paras Shah
- Re: [TLS] User Defined Key Pair Blumenthal, Uri - 0558 - MITLL
- Re: [TLS] User Defined Key Pair OMAR HASSAN (RIT Student)
- Re: [TLS] User Defined Key Pair Hannes Tschofenig
- Re: [TLS] User Defined Key Pair OMAR HASSAN (RIT Student)
- Re: [TLS] User Defined Key Pair OMAR HASSAN (RIT Student)
- Re: [TLS] User Defined Key Pair Juho Vähä-Herttua
- Re: [TLS] User Defined Key Pair Juho Vähä-Herttua
- Re: [TLS] User Defined Key Pair OMAR HASSAN (RIT Student)
- Re: [TLS] User Defined Key Pair Paras Shah
- Re: [TLS] User Defined Key Pair Dan Harkins
- Re: [TLS] User Defined Key Pair OMAR HASSAN (RIT Student)
- Re: [TLS] User Defined Key Pair Dan Harkins
- Re: [TLS] User Defined Key Pair Alex Elsayed
- Re: [TLS] User Defined Key Pair OMAR HASSAN (RIT Student)
- Re: [TLS] User Defined Key Pair OMAR HASSAN (RIT Student)