RE: [TLS] OTP-TLS I-D [Was: FW: I-D ACTION:draft-linn-otp-tls-00.txt]

<Pasi.Eronen@nokia.com> Mon, 26 June 2006 15:23 UTC

Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1FuswC-0003Pc-4O; Mon, 26 Jun 2006 11:23:44 -0400
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1FuswA-0003PX-Pr for tls@ietf.org; Mon, 26 Jun 2006 11:23:42 -0400
Received: from mgw-ext13.nokia.com ([131.228.20.172]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1Fusw9-0001El-Bu for tls@ietf.org; Mon, 26 Jun 2006 11:23:42 -0400
Received: from esebh108.NOE.Nokia.com (esebh108.ntc.nokia.com [172.21.143.145]) by mgw-ext13.nokia.com (Switch-3.1.8/Switch-3.1.7) with ESMTP id k5QFNefV025290; Mon, 26 Jun 2006 18:23:40 +0300
Received: from esebh101.NOE.Nokia.com ([172.21.138.177]) by esebh108.NOE.Nokia.com with Microsoft SMTPSVC(6.0.3790.1830); Mon, 26 Jun 2006 18:22:34 +0300
Received: from esebe105.NOE.Nokia.com ([172.21.143.53]) by esebh101.NOE.Nokia.com with Microsoft SMTPSVC(6.0.3790.1830); Mon, 26 Jun 2006 18:22:34 +0300
X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Subject: RE: [TLS] OTP-TLS I-D [Was: FW: I-D ACTION:draft-linn-otp-tls-00.txt]
Date: Mon, 26 Jun 2006 18:22:38 +0300
Message-ID: <B356D8F434D20B40A8CEDAEC305A1F2402D6371D@esebe105.NOE.Nokia.com>
In-Reply-To: <CBF06F06E674C948AD89E671645B785FFC617A@rsana-ex-hq2.NA.RSA.NET>
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Thread-Topic: [TLS] OTP-TLS I-D [Was: FW: I-D ACTION:draft-linn-otp-tls-00.txt]
Thread-Index: AcaKbfivbRGYQd5jT9u31k4wgZdHeQEoADYAAolPiLA=
From: <Pasi.Eronen@nokia.com>
To: <jlinn@rsasecurity.com>, <tls@ietf.org>
X-OriginalArrivalTime: 26 Jun 2006 15:22:34.0059 (UTC) FILETIME=[593459B0:01C69934]
X-Spam-Score: 0.2 (/)
X-Scan-Signature: 97adf591118a232206bdb5a27b217034
Cc: mnystrom@rsasecurity.com
X-BeenThere: tls@lists.ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.lists.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@lists.ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/tls>
List-Post: <mailto:tls@lists.ietf.org>
List-Help: <mailto:tls-request@lists.ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@lists.ietf.org?subject=subscribe>
Errors-To: tls-bounces@lists.ietf.org

Since the document quite significantly changes how the PSK
ciphersuites work (identity field is re-used to carry a number of
other attributes; new alert messages are added; key-exchange related
information is carried in new TLS extensions; etc.), I think it would
be better to treat OTP as a new TLS key exchange algorithm (and define
new ciphersuites like TLS_OTP_WITH_AES_128_CBC_SA). As it's currently
written, this document certainly is not a "profile" of RFC 4279
in any usual sense of the word...

Couple of additional comments:

- See RFC 3979 section 11: "No IPR Disclosures in IETF Documents"

- Text about "hardening" should give concrete advice on how secure
OTP-TLS actuallly is, given some realistic parameter values (just
talking about "economically unattractive" is very vague).

Best regards,
Pasi 

> -----Original Message-----
> From: ext Linn, John [mailto:jlinn@rsasecurity.com] 
> Sent: 14 June, 2006 14:17
> To: tls@ietf.org
> Cc: Nyström, Magnus
> Subject: [TLS] OTP-TLS I-D [Was: FW: I-D 
> ACTION:draft-linn-otp-tls-00.txt]
> 
> This recent I-D constitutes a profile layered on TLS-PSK, 
> intended to authenticate TLS connections with the general 
> class of One-Time Password (OTP) methods.  We'd like to 
> invite review and comment in the TLS WG.   
> 
> --jl

_______________________________________________
TLS mailing list
TLS@lists.ietf.org
https://www1.ietf.org/mailman/listinfo/tls