Re: [TLS] draft-ray-tls-encrypted-handshake-00.txt

Mohamad Badra <mbadra@gmail.com> Sun, 06 May 2012 07:56 UTC

On Sun, May 6, 2012 at 11:50 AM, Yoav Nir <ynir@checkpoint.com> wrote:

>
> And there's no need to have an (EC)DH certificate to authenticate the
> first CCS. The authentication comes later with a digital signature.
>


How then will you be protected against active attacks?
Best regards
Badra