Re: [TLS] New Version Notification for draft-wouters-tls-oob-pubkey-01.txt (fwd)

Badra <mbadra@gmail.com> Fri, 18 November 2011 22:24 UTC


On Fri, Nov 18, 2011 at 10:06 PM, Paul Wouters <paul@xelerance.com> wrote:

> On Fri, 18 Nov 2011, Badra wrote:
>
>> And how does draft-wouters-tls-oob-pubkey differ
>> from draft-ietf-tls-cached-info-09?
>
> cached-info still needs PKIX validation on the first run, and then
> supports caching the authentication. oob-pubkey allows for out-of-band
> public key authentication with the TLS server suppressing the sending of
> its (often huge) unneeded PKIX chain.
>


And how, in your draft, will the client have a copy of the server's
authenticated key?

Currently, the server doesn't need to describe known roots. Does it mean
that the server also has a copy of the client's authenticated key?

Best regards,
Badra
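The out-of-band model Paul describes in the quoted reply, as an added illustration that is not code from the draft, from either author, or from any TLS implementation: the client is provisioned out of band with the SHA-256 fingerprint of the server's SubjectPublicKeyInfo, the server sends only that raw SPKI (no PKIX chain) together with a proof of possession, and the client accepts the key only if it is in its trust store and the proof verifies. The message layout (a signature over a client nonce concatenated with the SPKI) is an assumption made for this example and is not the draft's wire format; the nonce and keys are constructed inline.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"encoding/hex"
	"errors"
	"fmt"
)

// RawKeyHello is a simplified stand-in for the server's handshake flight in the
// out-of-band model: the raw SubjectPublicKeyInfo replaces the certificate chain,
// and a signature over the client's nonce proves possession of the private key.
// The layout is an assumption for this example, not the draft's wire format.
type RawKeyHello struct {
	SPKI      []byte // DER-encoded SubjectPublicKeyInfo, no PKIX chain
	Signature []byte // ASN.1 ECDSA signature over sha256(nonce || SPKI)
}

// Client holds the fingerprints of server keys it learned out of band
// (configuration, DNS, or a prior fully validated handshake).
type Client struct {
	pinned map[string]bool
}

// NewClient builds a client trust store from the raw SPKIs provisioned out of band.
func NewClient(spkis ...[]byte) *Client {
	c := &Client{pinned: map[string]bool{}}
	for _, s := range spkis {
		c.pinned[SPKIFingerprint(s)] = true
	}
	return c
}

// SPKIFingerprint is the hex SHA-256 of the DER SubjectPublicKeyInfo.
func SPKIFingerprint(spki []byte) string {
	sum := sha256.Sum256(spki)
	return hex.EncodeToString(sum[:])
}

// Server owns a key pair and nothing else: no certificate, no chain.
type Server struct {
	key *ecdsa.PrivateKey
}

// NewServer generates a fresh P-256 key; in practice this key is long-lived
// and its SPKI is what gets distributed to clients out of band.
func NewServer() (*Server, error) {
	k, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	return &Server{key: k}, nil
}

// SPKI returns the server's public key as DER SubjectPublicKeyInfo.
func (s *Server) SPKI() ([]byte, error) {
	return x509.MarshalPKIXPublicKey(&s.key.PublicKey)
}

func transcriptDigest(nonce, spki []byte) [32]byte {
	msg := append(append([]byte{}, nonce...), spki...)
	return sha256.Sum256(msg)
}

// Hello sends the raw key plus a proof of possession bound to the client nonce.
func (s *Server) Hello(nonce []byte) (*RawKeyHello, error) {
	spki, err := s.SPKI()
	if err != nil {
		return nil, err
	}
	digest := transcriptDigest(nonce, spki)
	sig, err := ecdsa.SignASN1(rand.Reader, s.key, digest[:])
	if err != nil {
		return nil, err
	}
	return &RawKeyHello{SPKI: spki, Signature: sig}, nil
}

// Verify accepts the server only if its SPKI is in the out-of-band trust store
// and the signature proves possession of the matching private key. No PKIX
// validation takes place; the trust store replaces it entirely.
func (c *Client) Verify(nonce []byte, h *RawKeyHello) error {
	if !c.pinned[SPKIFingerprint(h.SPKI)] {
		return errors.New("server key is not in the out-of-band trust store")
	}
	pub, err := x509.ParsePKIXPublicKey(h.SPKI)
	if err != nil {
		return err
	}
	ecPub, ok := pub.(*ecdsa.PublicKey)
	if !ok {
		return errors.New("unexpected key type in SPKI")
	}
	digest := transcriptDigest(nonce, h.SPKI)
	if !ecdsa.VerifyASN1(ecPub, digest[:], h.Signature) {
		return errors.New("proof of possession failed")
	}
	return nil
}

func main() {
	srv, _ := NewServer()
	spki, _ := srv.SPKI()
	client := NewClient(spki) // out-of-band provisioning step
	nonce := []byte("constructed-client-nonce")
	hello, _ := srv.Hello(nonce)
	fmt.Println("pinned server:", client.Verify(nonce, hello))
	rogue, _ := NewServer()
	rogueHello, _ := rogue.Hello(nonce)
	fmt.Println("unknown server:", client.Verify(nonce, rogueHello))
}
```

The point the example makes is the one in Paul's reply: with the key already held by the client, the handshake carries only the SPKI and a proof of possession, so the chain is not needed; the open question in Badra's message (how the client obtains that copy in the first place) is exactly the `NewClient` provisioning step, which this example assumes rather than specifies.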