Re: [TLS] I-D Action: draft-ietf-tls-exported-authenticator-00.txt (internet-drafts@ietf.org)
Ilari Liusvaara <ilariliusvaara@welho.com> Mon, 22 May 2017 19:17 UTC
Return-Path: <ilariliusvaara@welho.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 29ACB127863 for <tls@ietfa.amsl.com>; Mon, 22 May 2017 12:17:41 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.001
X-Spam-Level:
X-Spam-Status: No, score=-0.001 tagged_above=-999 required=5 tests=[BAYES_40=-0.001, RCVD_IN_DNSWL_NONE=-0.0001, RP_MATCHES_RCVD=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id OItAmN3kkbcJ for <tls@ietfa.amsl.com>; Mon, 22 May 2017 12:17:39 -0700 (PDT)
Received: from welho-filter4.welho.com (welho-filter4.welho.com [83.102.41.26]) by ietfa.amsl.com (Postfix) with ESMTP id 1115F12773A for <tls@ietf.org>; Mon, 22 May 2017 12:17:38 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by welho-filter4.welho.com (Postfix) with ESMTP id 8BECA244CF; Mon, 22 May 2017 22:17:36 +0300 (EEST)
X-Virus-Scanned: Debian amavisd-new at pp.htv.fi
Received: from welho-smtp2.welho.com ([IPv6:::ffff:83.102.41.85]) by localhost (welho-filter4.welho.com [::ffff:83.102.41.26]) (amavisd-new, port 10024) with ESMTP id HuyiK_IO-zWm; Mon, 22 May 2017 22:17:35 +0300 (EEST)
Received: from LK-Perkele-V2 (87-92-51-204.bb.dnainternet.fi [87.92.51.204]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by welho-smtp2.welho.com (Postfix) with ESMTPSA id CCD4627B; Mon, 22 May 2017 22:17:35 +0300 (EEST)
Date: Mon, 22 May 2017 22:17:34 +0300
From: Ilari Liusvaara <ilariliusvaara@welho.com>
To: Balaji Rajendran <balajirajendran@gmail.com>
Cc: Martin Thomson <martin.thomson@gmail.com>, "tls@ietf.org" <tls@ietf.org>, Sankalp Bagaria <sankalp.nitt@gmail.com>
Message-ID: <20170522191734.GA12974@LK-Perkele-V2.elisa-laajakaista.fi>
References: <CAPZZOThk9GL1T2N06cwkAA4edFp9YmubM20Rn0nu8u-Jp_pObw@mail.gmail.com> <CABkgnnUrp84sWCe+iXYFM9PvGN3uKDu5wdQ_aLZMuwJb6aYgqg@mail.gmail.com> <CABVRomhk7DEvAqPmSa8vzvxf-128+VhoSFpYH6r6Q41BRdtViQ@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Disposition: inline
In-Reply-To: <CABVRomhk7DEvAqPmSa8vzvxf-128+VhoSFpYH6r6Q41BRdtViQ@mail.gmail.com>
User-Agent: Mutt/1.5.23 (2014-03-12)
Sender: ilariliusvaara@welho.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/OezLMLTMD18497AB-7ca7J63BVA>
Subject: Re: [TLS] I-D Action: draft-ietf-tls-exported-authenticator-00.txt (internet-drafts@ietf.org)
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 22 May 2017 19:17:41 -0000
On Mon, May 22, 2017 at 11:17:02PM +0530, Balaji Rajendran wrote: > Hi, > > While trying to obtain an authenticator, the private key used for > signing the certificate is demanded. > > Is it safe to do such operations or is it the public key associated with > the Certificate? The private key needed is the private key corresponding with the public key in end-entity SubjectPublicKeyInfo in the exported authenticator. This is analogous with the main TLS handshake. However, the key used might be different with what was used for the main handshake. Specifically, if the certificate in main handshake and exported authenticator have the same SubjectPublicKeyInfo, then the private keys used will be the same. If the SubjectPublicKeyInfo's are different, then the private keys will be different. -Ilari
- Re: [TLS] I-D Action: draft-ietf-tls-exported-aut… Sankalp Bagaria
- Re: [TLS] I-D Action: draft-ietf-tls-exported-aut… Martin Thomson
- Re: [TLS] I-D Action: draft-ietf-tls-exported-aut… Balaji Rajendran
- Re: [TLS] I-D Action: draft-ietf-tls-exported-aut… Ilari Liusvaara