Re: [TLS] Working Group Last Call for draft-ietf-tls-pwd

Ralf Skyper Kaiser <skyper@thc.org> Tue, 10 December 2013 16:45 UTC

Hi,

I only joined the conversation recently. Had a quick read of
http://tools.ietf.org/html/draft-ietf-tls-pwd-02 and have a question:

In a scenario where multiple users use the same password (group password):

What prevents a user (who knows the password) from impersonating the server
and mounting a MITM between another user and the real server?


thanks & regards,

ralf



On Fri, Nov 8, 2013 at 1:11 AM, Joseph Salowey (jsalowey) <jsalowey@cisco.com> wrote:

> This is the beginning of the working group last call for
> draft-ietf-tls-pwd-01. The underlying cryptographic protocol for TLS-PWD
> has been reviewed by the IRTF CFRG group with satisfactory results. The
> document needs particular attention paid to the integration of this
> mechanism into the TLS protocol. Please send comments to the TLS list by
> December 2, 2013.
>
> - Joe
> (For the TLS chairs)