Re: [TLS] Pre_shared_key Extension Question
Eric Rescorla <ekr@rtfm.com> Wed, 17 August 2016 22:18 UTC
Return-Path: <ekr@rtfm.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1])
by ietfa.amsl.com (Postfix) with ESMTP id 6F6EB12D0D9
for <tls@ietfa.amsl.com>; Wed, 17 Aug 2016 15:18:01 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level:
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5
tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1,
HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001]
autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key)
header.d=rtfm-com.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44])
by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id rysXXuF1rW3U for <tls@ietfa.amsl.com>;
Wed, 17 Aug 2016 15:18:00 -0700 (PDT)
Received: from mail-yb0-x232.google.com (mail-yb0-x232.google.com
[IPv6:2607:f8b0:4002:c09::232])
(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
(No client certificate requested)
by ietfa.amsl.com (Postfix) with ESMTPS id 4D6C812D0FB
for <tls@ietf.org>; Wed, 17 Aug 2016 15:17:55 -0700 (PDT)
Received: by mail-yb0-x232.google.com with SMTP id e31so426604ybi.3
for <tls@ietf.org>; Wed, 17 Aug 2016 15:17:55 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=rtfm-com.20150623.gappssmtp.com; s=20150623;
h=mime-version:in-reply-to:references:from:date:message-id:subject:to
:cc; bh=qqJLARmchcv+04G0AHUNqJ2lYMEw41iaBzyVN1OamDk=;
b=A9JqQw/4mw5srrDvNmMkbFHc/6Fv3E6eHbWMkK3t98vdX4SKJZ8ZnOvdiTNHZT4xtY
TWqR3XGwd6TnTGsmwyaGjj25b+HlrXNlg3fzFxsbh209xBoklE8XqRFCXwdI45ZDaD8g
aqqoDik2lnqL3pjRDeWAw+NsW1b2mP+DkYWMjyVB53ZzsM7tZqOqtDloh7Bfmcgld1t6
Qth6qnwF5iriPC1tBD4MhVnKy5F407HBXjq+YDLOPLK8s6ophAWu+EvvORyMNo3JzhNJ
FL3H8VmAZMN2sc6Ecw1arCtxuuZeTjVq4ygPfzVKKgzM5jg5lFmjpyz/UWyEFjXQ55Ck
13mQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20130820;
h=x-gm-message-state:mime-version:in-reply-to:references:from:date
:message-id:subject:to:cc;
bh=qqJLARmchcv+04G0AHUNqJ2lYMEw41iaBzyVN1OamDk=;
b=FrOYsEEWXaUXUpE3C8RRNUXGx0lmpGZXZuA2KtPYmGD7UwzO8lA1CVJXPtP/LUMO1Y
sm9X+DLawDy5SBKHbxtQ+mMYj9N/YRROWexT7Osr08JW1F/fQKTSS6wqcAdRlMXVqUvD
nR2jz0QMQIkgauWS2aGN8NCcNpOR20QK5Eukts5Am1j5+uuuGr6QY7fMJ7vOtuOt4EX+
wZQwqumFgK+AWHRu5PabTJKO+NckWovoYKqjpcWoNr7nb1bM+EzKoFS4E9a7SIFdvoZf
OPQjIOwDf+4hA3jlo5bBsLLllljefefsyWcj5fjHx9bsQQuzqMrJLfqoKuOLtGjsuXfq
uxeQ==
X-Gm-Message-State: AEkoousw1OkkOIRA49K9d78bdRdcTmBqDr16Tihq5rpBU7z6Kjp4Z03rk7BQ7KFiv8IKpQ0icxLaul3PANRoFw==
X-Received: by 10.37.203.7 with SMTP id b7mr2365251ybg.162.1471472274632; Wed,
17 Aug 2016 15:17:54 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.129.48.193 with HTTP; Wed, 17 Aug 2016 15:17:14 -0700 (PDT)
In-Reply-To: <fa85eafb-b2f5-b5c2-859a-a2e24d734324@gmx.net>
References: <fa85eafb-b2f5-b5c2-859a-a2e24d734324@gmx.net>
From: Eric Rescorla <ekr@rtfm.com>
Date: Wed, 17 Aug 2016 15:17:14 -0700
Message-ID: <CABcZeBOBffGU6RWgfMkRhqzxLd-yUw0v_CoUvtdDyTR0Ubvm6A@mail.gmail.com>
To: Hannes Tschofenig <hannes.tschofenig@gmx.net>
Content-Type: multipart/alternative; boundary=94eb2c05a3be3a30a2053a4bd689
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/LP4KFu2lC08W_d33mpNxPqDCKtc>
Cc: "<tls@ietf.org>" <tls@ietf.org>
Subject: Re: [TLS] Pre_shared_key Extension Question
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working
group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>,
<mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>,
<mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 17 Aug 2016 22:18:01 -0000
The intention here was to compensate for not having psk_identity_hint. However, it also allows you to do resumption of PSK-established sessions. It would be a fairly significant simplification to say you could only have one PSK, because then we could easily require the client to prove knowledge of the key, for instance by stuffing a MAC at the end of the ClientHello as we discussed in Berlin. So: Is there any demand for multiple identities? I do not believe there is any in the Web context. If not, we should remove this feature. -Ekr On Thu, Aug 11, 2016 at 1:39 AM, Hannes Tschofenig < hannes.tschofenig@gmx.net> wrote: > Hi all, > > the currently defined “pre_shared_key” extension allows clients to send > a list of the identities. I was wondering in what use cases this is > useful and what policy guides the server to pick the most appropriate > psk identity. I couldn't find any discussion in the document about this > aspect. > > Ciao > Hannes > > > _______________________________________________ > TLS mailing list > TLS@ietf.org > https://www.ietf.org/mailman/listinfo/tls > >
- Re: [TLS] Pre_shared_key Extension Question David Benjamin
- Re: [TLS] Pre_shared_key Extension Question Eric Rescorla
- Re: [TLS] Pre_shared_key Extension Question Benjamin Kaduk
- Re: [TLS] Pre_shared_key Extension Question Eric Rescorla
- Re: [TLS] Pre_shared_key Extension Question Benjamin Kaduk
- Re: [TLS] Pre_shared_key Extension Question Eric Rescorla
- [TLS] Pre_shared_key Extension Question Hannes Tschofenig
- Re: [TLS] Pre_shared_key Extension Question Hannes Tschofenig
- Re: [TLS] Pre_shared_key Extension Question Hannes Tschofenig
- Re: [TLS] Pre_shared_key Extension Question Salz, Rich