Re: [TLS] I-D Action: draft-ietf-tls-external-psk-guidance-00.txt

Sean Turner <sean@sn3rd.com> Sat, 20 June 2020 03:39 UTC

Thanks to Chris for uploading the WG version of the draft.

If you have some time over the next couple of weeks, please take the time to review this draft. The intent is to issue a WGLC after IETF 108 barring any discontent prior to that.

spt

> On Jun 17, 2020, at 23:28, internet-drafts@ietf.org wrote:
> 
> 
> A New Internet-Draft is available from the on-line Internet-Drafts directories.
> This draft is a work item of the Transport Layer Security WG of the IETF.
> 
>        Title           : Guidance for External PSK Usage in TLS
>        Authors         : Russ Housley
>                          Jonathan Hoyland
>                          Mohit Sethi
>                          Christopher A. Wood
>        Filename        : draft-ietf-tls-external-psk-guidance-00.txt
>        Pages           : 12
>        Date            : 2020-06-17
> 
> Abstract:
>   This document provides usage guidance for external Pre-Shared Keys
>   (PSKs) in TLS.  It lists TLS security properties provided by PSKs
>   under certain assumptions and demonstrates how violations of these
>   assumptions lead to attacks.  This document also discusses PSK use
>   cases, provisioning processes, and TLS stack implementation support
>   in the context of these assumptions.  It provides advice for
>   applications in various use cases to help meet these assumptions.
> 
> 
> The IETF datatracker status page for this draft is:
> https://datatracker.ietf.org/doc/draft-ietf-tls-external-psk-guidance/
> 
> There are also htmlized versions available at:
> https://tools.ietf.org/html/draft-ietf-tls-external-psk-guidance-00
> https://datatracker.ietf.org/doc/html/draft-ietf-tls-external-psk-guidance-00
> 
> 
> Please note that it may take a couple of minutes from the time of submission
> until the htmlized version and diff are available at tools.ietf.org.
> 
> Internet-Drafts are also available by anonymous FTP at:
> ftp://ftp.ietf.org/internet-drafts/