[TLS] [Fwd: Re: [Fwd: {Virus?} I-D Action:draft-latze-tls-tpm-extns-00.txt]]
Carolin Latze <carolin.latze@unifr.ch> Thu, 08 October 2009 08:02 UTC
sorry, forgot to include the list...

-------- Original Message --------
Subject: Re: [TLS] [Fwd: {Virus?} I-D Action:draft-latze-tls-tpm-extns-00.txt]
Date: Thu, 8 Oct 2009 10:02:09 +0200
From: Carolin Latze <carolin.latze@unifr.ch>
To: Blumenthal, Uri <uri@ll.mit.edu>
References: <90E934FC4BBC1946B3C27E673B4DB0E4A7E75F6BBC@LLE2K7-BE01.mitll.ad.local>

They are still valid X.509... the only difference is that they are self-signed and not CA-signed. And the reason to use self-signed certificates is that you don't need to send another certificate request without losing security since the self-signed certificates are bound to identity certificates that are signed by a CA.

Blumenthal, Uri wrote:
> And the reason you want to do this instead of using valid X.509 certs is...?
>
>
> ----- Original Message -----
> From: tls-bounces@ietf.org <tls-bounces@ietf.org>
> To: tls@ietf.org <tls@ietf.org>
> Sent: Wed Oct 07 11:16:52 2009
> Subject: [TLS] [Fwd: {Virus?} I-D Action:draft-latze-tls-tpm-extns-00.txt]
>
> Hi all,
>
> after several experiments with TPMs as authentication devices in
> EAP-TLS, we figured out, that the specific modifications in order to use
> TPMs might be rather an extension to TLS than an EAP extension.
> Therefore, we gave it a try and defined a new TLS extension in order to
> use TPM certified keys directly with TLS. We are aware of the fact, that
> there is a possibility to request new valid X.509 certificates for those
> keys which allows to use them with standard TLS (and do not require a
> new extension), but since we want to avoid that request (and we think
> that this does not introduce any security issues), we propose this
> extension.
>
> We are always open for discussions, (critical) feedback, suggestions, ...
>
> Regards
> Carolin Latze
>
>
> -------- Original Message --------
> Subject: {Virus?} I-D Action:draft-latze-tls-tpm-extns-00.txt
> Date: Wed, 7 Oct 2009 16:45:01 +0200
> From: Internet-Drafts@ietf.org <Internet-Drafts@ietf.org>
> Reply-To: internet-drafts@ietf.org <internet-drafts@ietf.org>
> To: i-d-announce@ietf.org <i-d-announce@ietf.org>
>
>
> A New Internet-Draft is available from the on-line Internet-Drafts directories.
>
> Title     : Transport Layer Security (TLS) Extensions for the Trusted Platform Module (TPM)
> Author(s) : C. Latze, et al.
> Filename  : draft-latze-tls-tpm-extns-00.txt
> Pages     : 10
> Date      : 2009-10-07
>
> Trusted Platform Modules (TPMs) become more and more widespread in
> modern desktop and laptop computers and provide secure storage and
> cryptographic functions. As one nice feature of TPMs is that they
> can be identified uniquely, they provide a good base for device
> authentication in protocols like TLS. This document specifies a TLS
> extension that allows to use TPM certified keys with TLS in order to
> allow for a secure and comfortable device authentication in TLS.
>
> A URL for this Internet-Draft is:
> http://www.ietf.org/internet-drafts/draft-latze-tls-tpm-extns-00.txt
>
> Internet-Drafts are also available by anonymous FTP at:
> ftp://ftp.ietf.org/internet-drafts/
>
> Below is the data which will enable a MIME compliant mail reader
> implementation to automatically retrieve the ASCII version of the
> Internet-Draft.
>

--
Carolin Latze
PhD Student                        ICT Engineer
Department of Computer Science     Swisscom Strategy and Innovation
Boulevard de Pérolles 90           Ostermundigenstrasse 93
CH-1700 Fribourg                   CH-3006 Bern
phone: +41 26 300 83 30            +41 79 72 965 27
homepage: http://diuf.unifr.ch/people/latzec