Re: [TLS] [Fwd: {Virus?} I-D Action:draft-latze-tls-tpm-extns-00.txt]
"Blumenthal, Uri" <uri@ll.mit.edu> Wed, 07 October 2009 15:41 UTC
From: "Blumenthal, Uri" <uri@ll.mit.edu>
To: "'carolin.latze@unifr.ch'" <carolin.latze@unifr.ch>, "'tls@ietf.org'" <tls@ietf.org>
Date: Wed, 07 Oct 2009 11:34:48 -0400

And the reason you want to do this instead of using valid X.509 certs is...?

----- Original Message -----
From: tls-bounces@ietf.org <tls-bounces@ietf.org>
To: tls@ietf.org <tls@ietf.org>
Sent: Wed Oct 07 11:16:52 2009
Subject: [TLS] [Fwd: {Virus?} I-D Action:draft-latze-tls-tpm-extns-00.txt]

Hi all,

after several experiments with TPMs as authentication devices in EAP-TLS, we figured out, that the specific modifications in order to use TPMs might be rather an extension to TLS than an EAP extension. Therefore, we gave it a try and defined a new TLS extension in order to use TPM certified keys directly with TLS. We are aware of the fact, that there is a possibility to request new valid X.509 certificates for those keys which allows to use them with standard TLS (and do not require a new extension), but since we want to avoid that request (and we think that this does not introduce any security issues), we propose this extension.

We are always open for discussions, (critical) feedback, suggestions, ...

Regards
Carolin Latze

-------- Original Message --------
Subject: {Virus?} I-D Action:draft-latze-tls-tpm-extns-00.txt
Date: Wed, 7 Oct 2009 16:45:01 +0200
From: Internet-Drafts@ietf.org <Internet-Drafts@ietf.org>
Reply-To: internet-drafts@ietf.org <internet-drafts@ietf.org>
To: i-d-announce@ietf.org <i-d-announce@ietf.org>

A New Internet-Draft is available from the on-line Internet-Drafts directories.

Title     : Transport Layer Security (TLS) Extensions for the Trusted Platform Module (TPM)
Author(s) : C. Latze, et al.
Filename  : draft-latze-tls-tpm-extns-00.txt
Pages     : 10
Date      : 2009-10-07

Trusted Platform Modules (TPMs) become more and more widespread in modern desktop and laptop computers and provide secure storage and cryptographic functions. As one nice feature of TPMs is that they can be identified uniquely, they provide a good base for device authentication in protocols like TLS. This document specifies a TLS extension that allows to use TPM certified keys with TLS in order to allow for a secure and comfortable device authentication in TLS.

A URL for this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-latze-tls-tpm-extns-00.txt

Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/

Below is the data which will enable a MIME compliant mail reader implementation to automatically retrieve the ASCII version of the Internet-Draft.

--
Carolin Latze
PhD Student                       ICT Engineer
Department of Computer Science    Swisscom Strategy and Innovation
Boulevard de Pérolles 90          Ostermundigenstrasse 93
CH-1700 Fribourg                  CH-3006 Bern
phone: +41 26 300 83 30           +41 79 72 965 27
homepage: http://diuf.unifr.ch/people/latzec