Re: [TLS] PSK in 1.3?

Manuel Pégourié-Gonnard <mpg@polarssl.org> Mon, 20 October 2014 18:15 UTC

Message-ID: <5445513A.50703@polarssl.org>
Date: Mon, 20 Oct 2014 20:15:22 +0200
From: Manuel Pégourié-Gonnard <mpg@polarssl.org>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.2.0
MIME-Version: 1.0
To: Dan Harkins <dharkins@lounge.org>, Watson Ladd <watsonbladd@gmail.com>
References: <544384C7.9030002@polarssl.org> <78795A6D-3DFA-41C6-A380-C63DDF4C0285@gmail.com> <5443BF11.3090505@polarssl.org> <1D875BD8-2727-4895-842A-FC4FAA482E15@gmail.com> <5e587b4474939cad09c12cbf3625dd98.squirrel@www.trepanning.net> <CACsn0ck0FRHFek59A5+jxDkDGEtXPT8HejO3wO4HnYfHCw6hYg@mail.gmail.com> <74986741b83a76277b2fcfd1e74a75d4.squirrel@www.trepanning.net>
In-Reply-To: <74986741b83a76277b2fcfd1e74a75d4.squirrel@www.trepanning.net>
Content-Type: text/plain; charset="windows-1252"
Content-Transfer-Encoding: 7bit
Archived-At: http://mailarchive.ietf.org/arch/msg/tls/4c2e0K31FHeYMs6HV-l1TGz2enk
Cc: "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] PSK in 1.3?
Precedence: list

On 20/10/2014 19:06, Dan Harkins wrote:
>   Merely making the pool from which the PSK is drawn, for instance
> by making it a bigger or including mixed case

PS: the above reference to "mixed case" makes me think there is a serious
misunderstanding about how keys should be generated. They should be the output
of a properly seeded cryptographically secure DRBG. The very notion of "mixed
case" does not make any sense in this context.

If such misinterpretations can be made, then indeed the RFC should be revised to
be much more explicit about the meaning of pre-shared *key* (as opposed to
password).

Manuel.

Re: [TLS] PSK in 1.3? Yoav Nir
[TLS] PSK in 1.3? Manuel Pégourié-Gonnard
Re: [TLS] PSK in 1.3? Ilari Liusvaara
Re: [TLS] PSK in 1.3? Eric Rescorla
Re: [TLS] PSK in 1.3? Ilari Liusvaara
Re: [TLS] PSK in 1.3? Manuel Pégourié-Gonnard
Re: [TLS] PSK in 1.3? Yoav Nir
Re: [TLS] PSK in 1.3? Hauke Mehrtens
Re: [TLS] PSK in 1.3? Manuel Pégourié-Gonnard
Re: [TLS] PSK in 1.3? Hauke Mehrtens
Re: [TLS] PSK in 1.3? Watson Ladd
Re: [TLS] PSK in 1.3? Jeffrey Walton
Re: [TLS] PSK in 1.3? Paul Bakker
Re: [TLS] PSK in 1.3? Eric Rescorla
Re: [TLS] PSK in 1.3? Eric Rescorla
Re: [TLS] PSK in 1.3? Dan Harkins
Re: [TLS] PSK in 1.3? Watson Ladd
Re: [TLS] PSK in 1.3? Dan Harkins
Re: [TLS] PSK in 1.3? Manuel Pégourié-Gonnard
Re: [TLS] PSK in 1.3? Manuel Pégourié-Gonnard
Re: [TLS] PSK in 1.3? Dan Harkins
Re: [TLS] PSK in 1.3? Watson Ladd
Re: [TLS] PSK in 1.3? Peter Gutmann
Re: [TLS] PSK in 1.3? Manuel Pégourié-Gonnard
Re: [TLS] PSK in 1.3? Dan Harkins
Re: [TLS] PSK in 1.3? Mohamad Badra
Re: [TLS] PSK in 1.3? Peter Gutmann
Re: [TLS] PSK in 1.3? Peter Gutmann
Re: [TLS] PSK in 1.3? Yoav Nir
Re: [TLS] PSK in 1.3? Viktor Dukhovni
Re: [TLS] PSK in 1.3? Dan Harkins
Re: [TLS] PSK in 1.3? Ilari Liusvaara
Re: [TLS] PSK in 1.3? Sven Schäge
Re: [TLS] PSK in 1.3? Christian Kahlo
Re: [TLS] PSK in 1.3? Dan Harkins
Re: [TLS] PSK in 1.3? John Mattsson
Re: [TLS] PSK in 1.3? Alex Elsayed
Re: [TLS] PSK in 1.3? Dan Harkins
Re: [TLS] PSK in 1.3? Dan Harkins
Re: [TLS] PSK in 1.3? Viktor Dukhovni
Re: [TLS] PSK in 1.3? Stephen Checkoway
Re: [TLS] PSK in 1.3? Dan Harkins
Re: [TLS] PSK in 1.3? Stephen Checkoway
Re: [TLS] PSK in 1.3? Dan Harkins
Re: [TLS] PSK in 1.3? Stephen Checkoway
Re: [TLS] PSK in 1.3? Viktor Dukhovni
Re: [TLS] PSK in 1.3? Watson Ladd