Re: [TLS] Comments on TLS identity protection
badra <badra@isima.fr> Wed, 20 December 2006 10:28 UTC
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1GwygV-0003Ib-4A; Wed, 20 Dec 2006 05:28:27 -0500
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GwygU-0003FR-Bm for tls@ietf.org; Wed, 20 Dec 2006 05:28:26 -0500
Received: from sp.isima.fr ([193.55.95.1]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GwygS-0006d4-Ub for tls@ietf.org; Wed, 20 Dec 2006 05:28:26 -0500
Received: from [127.0.0.1] (pc158.isima.fr [193.55.95.158]) by sp.isima.fr (8.9.3/jtpda-5.3.1) with ESMTP id LAA61766 ; Wed, 20 Dec 2006 11:27:01 +0100
Message-ID: <4589103B.1050402@isima.fr>
Date: Wed, 20 Dec 2006 11:28:11 +0100
From: badra <badra@isima.fr>
User-Agent: Thunderbird 1.5.0.8 (Windows/20061025)
MIME-Version: 1.0
Subject: Re: [TLS] Comments on TLS identity protection
References: <20061219204505.5F2EE5C01E@laser.networkresonance.com> <61434.86.72.162.216.1166567558.squirrel@www.isima.fr> <86ejqvpl6s.fsf@raman.networkresonance.com> <45890C86.5090803@enst.fr>
In-Reply-To: <45890C86.5090803@enst.fr>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 21c69d3cfc2dd19218717dbe1d974352
Cc: tls@ietf.org
X-BeenThere: tls@lists.ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.lists.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@lists.ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/tls>
List-Post: <mailto:tls@lists.ietf.org>
List-Help: <mailto:tls-request@lists.ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@lists.ietf.org?subject=subscribe>
Errors-To: tls-bounces@lists.ietf.org
Eric Rescorla writes: > badra@isima.fr writes: > >> In EAP-TLS, an implementation of TLS for Wireless LAN and later for >> WiMAX, >> the client is authenticated based on the certificate's use. This is the >> initial motivation of this work. >> > > Yes, but I don't think this really explains why the certificate > needs to be kept secret or why the double handshake technique isn't > good enough. > Hi Eric, IMHO, double handshake technique isn't good enough to many environments, especially in performance-constrained environments. In addition: - As you cited in your early mail, double handshake needs two sets of crypto computations and 4 RTTs. The number of RTT significantly increases when using TLS over EAP or UDP. Moreover, the client and the server need to encrypt/decrypt the whole messages of the second handshake. - Double handshake reduces the server performance by a factor of 2 or 3 at least. - In the case where the client has no certificate and the server isn't configured to accept connexions from unauthenticated clients, we can't stop the TLS negotiation early. So the server is overloaded for nothing: the first handshake is already done and the sever doesn't receive a certificate from the client. In the ciphersuites approach, the server and the client can detect such configuration early during the hello phase. - With double handshake, the "privacy" and "no privacy" cannot be implemented together. I mean TLS servers aren't so smart to do that without external configuration and that the client cannot set or negotiate "privacy" with a given server. - Configuration cost. Best regards, Badra _______________________________________________ TLS mailing list TLS@lists.ietf.org https://www1.ietf.org/mailman/listinfo/tls
- [TLS] Comments on TLS identity protection Eric Rescorla
- Re: [TLS] Comments on TLS identity protection Eric Rescorla
- Re: [TLS] Comments on TLS identity protection Martin Rex
- Re: [TLS] Comments on TLS identity protection Martin Rex
- Re: [TLS] Comments on TLS identity protection badra
- Re: [TLS] Comments on TLS identity protection Eric Rescorla
- Re: [TLS] Comments on TLS identity protection Kyle Hamilton
- Re: [TLS] Comments on TLS identity protection Eric Rescorla
- Re: [TLS] Comments on TLS identity protection Martin Rex
- Re: [TLS] Comments on TLS identity protection badra
- RE: [TLS] Comments on TLS identity protection Peter Williams
- Re: [TLS] Comments on TLS identity protection Eric Rescorla
- RE: [TLS] Comments on TLS identity protection Peter Williams
- RE: [TLS] Comments on TLS identity protection Peter Williams
- Re: [TLS] Comments on TLS identity protection badra
- RE: [TLS] Comments on TLS identity protection Pasi.Eronen
- Re: [TLS] Comments on TLS identity protection badra
- RE: [TLS] Comments on TLS identity protection Pasi.Eronen
- Re: [TLS] Comments on TLS identity protection Bodo Moeller
- Re: [TLS] Comments on TLS identity protection badra
- RE: [TLS] Comments on TLS identity protection Pasi.Eronen
- Re: [TLS] Comments on TLS identity protection badra
- RE: [TLS] Comments on TLS identity protection Pasi.Eronen
- Re: [TLS] Comments on TLS identity protection Eric Rescorla
- RE: [TLS] Comments on TLS identity protection Peter Williams
- Re: [TLS] Comments on TLS identity protection badra
- Re: [TLS] Comments on TLS identity protection Eric Rescorla
- Re: [TLS] Comments on TLS identity protection badra
- Re: [TLS] Comments on TLS identity protection Martin Rex
- Re: [TLS] Comments on TLS identity protection Badra
- Re: [TLS] Comments on TLS identity protection Omirjan Batyrbaev
- Re: [TLS] Comments on TLS identity protection home_pw
- Re: [TLS] Comments on TLS identity protection home_pw
- Re: [TLS] Comments on TLS identity protection EKR
- Re: [TLS] Comments on TLS identity protection home_pw
- Re: [TLS] Comments on TLS identity protection home_pw
- Re: [TLS] Comments on TLS identity protection Martin Rex
- RE: [TLS] Comments on TLS identity protection Peter Williams
- Re: [TLS] Comments on TLS identity protection EKR
- Re: [TLS] Comments on TLS identity protection Martin Rex
- Re: [TLS] Comments on TLS identity protection home_pw
- Re: [TLS] Comments on TLS identity protection EKR
- Re: [TLS] Comments on TLS identity protection home_pw
- Re: [TLS] Comments on TLS identity protection EKR
- Re: [TLS] Comments on TLS identity protection home_pw