IETF Logo Mail Archive

Re: [TLS] User Defined Key Pair

"Stephan T." <rheoli08@gmail.com> Tue, 25 June 2013 05:24 UTC

Return-Path: <rheoli08@gmail.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A9C1421F9EFD for <tls@ietfa.amsl.com>; Mon, 24 Jun 2013 22:24:22 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.598
X-Spam-Level:
X-Spam-Status: No, score=-2.598 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HTML_MESSAGE=0.001]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 098JkhGgk5NK for <tls@ietfa.amsl.com>; Mon, 24 Jun 2013 22:24:21 -0700 (PDT)
Received: from mail-ee0-x235.google.com (mail-ee0-x235.google.com [IPv6:2a00:1450:4013:c00::235]) by ietfa.amsl.com (Postfix) with ESMTP id 5819721F9D98 for <tls@ietf.org>; Mon, 24 Jun 2013 22:24:21 -0700 (PDT)
Received: by mail-ee0-f53.google.com with SMTP id c41so6478343eek.40 for <tls@ietf.org>; Mon, 24 Jun 2013 22:24:20 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=from:content-type:message-id:mime-version:subject:date:references :to:in-reply-to:x-mailer; bh=IjZI86hN5KKKICgBAwzxKZlS/0Tqg7YD7TNJ2P7KrHE=; b=s3Q+QisgLf4/7lx1rmTtQGtx4Z3aKQn+QM+jYg27wcFVW7djTo6Dh1WAf9rPtN31Z5 xO8BYFJdwmCGow48TN/2lvDeCLorty6kkkmxEybMlgFkj1Fn5czIClbuwmzaRsY3m/cu xbe8F+cnUaBRJepOCukE7jFYZ21uQJWxp/2yMVdqr8uMr/vunuZ3+5uDUC6TXFrfEAV6 XvFCWGmQ4N70+657FfnmUeWIl/B59F86ZZVcFMLo9VQJoL2I7Rc4U0smlyYk26sDOL4M ndNWJWkVK1f18EtcdJWgH2kb3b4pXZNiD4w+p2d9zf9y66ESvjjMeTbvqQm+m/4drYYA Gdhg==
X-Received: by 10.15.94.11 with SMTP id ba11mr28026836eeb.101.1372137860467; Mon, 24 Jun 2013 22:24:20 -0700 (PDT)
Received: from [10.73.8.49] (80-219-144-124.dclient.hispeed.ch. [80.219.144.124]) by mx.google.com with ESMTPSA id n42sm33110044eeh.15.2013.06.24.22.24.18 for <multiple recipients> (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Mon, 24 Jun 2013 22:24:19 -0700 (PDT)
From: "Stephan T." <rheoli08@gmail.com>
Content-Type: multipart/alternative; boundary="Apple-Mail=_42080809-60AF-4DF6-9AC5-767E19631621"
Message-Id: <E42E590D-7238-4915-8E64-48BC9384918F@gmail.com>
Mime-Version: 1.0 (Mac OS X Mail 6.5 \(1508\))
Date: Tue, 25 Jun 2013 07:24:18 +0200
References: <CALxQUYGdagDHr+A4EKN5qPD1jZG+dH8PHwb0-fKJVUN_vC1MSg@mail.gmail.com>
To: "OMAR HASSAN (RIT Student)" <omh1835@rit.edu>, tls@ietf.org
In-Reply-To: <CALxQUYGdagDHr+A4EKN5qPD1jZG+dH8PHwb0-fKJVUN_vC1MSg@mail.gmail.com>
X-Mailer: Apple Mail (2.1508)
Subject: Re: [TLS] User Defined Key Pair
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 25 Jun 2013 05:24:22 -0000

Hi,

How you made sure that the user (client) is connected with the intended server?


-Stephan


Am 21.06.2013 um 20:35 schrieb OMAR HASSAN (RIT Student) <omh1835@rit.edu>:

> Hello All,
> 
> I have uploaded a new version of the User Defined Key pair protocol that is cleaner and briefer, I will appreciate any comments or suggestions. 
> 
> Just to remind you:
> 
> http://tools.ietf.org/html/draft-omar-tls-udkp-01
> 
> The new protocol is a new way of securing the traffic to websites without being depending on any third party to secure the traffic between the user and the website, so it will be possible for the user to secure his browsing using his credential information, smart card, or a random file on usb. That will make the use of two factor for authentication and traffic security is separated from the application code, the website admin only needs to configure how the users are going to access the website. Additionally there are no passwords required to be transferred any more on the network, which will render the Phishing attack useless.
> 
> The motivation behind the new protocol is to make the security the responsibility of the two involved parties, because as you know, the security and confidentiality of user browsing in TLS depend upon the number of Certificate Authorities (CAs), major web browsers trust hundreds of different firms to issue certificates. Each of these firms can be compelled by their national government, or being compromised to issue a certificate for any particular website that all web browsers will trust without warning.Thus, users around the world are put in a position where their browser entrusts their private data, indirectly, to a large number of governments, and entities. (http://cryptome.org/ssl-mitm.pdf)
> 
> Thank You
> Best Regards
> _______________________________________________
> TLS mailing list
> TLS@ietf.org
> https://www.ietf.org/mailman/listinfo/tls

v2.23.0 | Report a Bug | By Email