Re: [TLS] WGLC for draft-ietf-tls-tls13-cert-with-extern-psk
Russ Housley <housley@vigilsec.com> Tue, 21 May 2019 13:39 UTC
Return-Path: <housley@vigilsec.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5555912006A for <tls@ietfa.amsl.com>; Tue, 21 May 2019 06:39:35 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level:
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1FTfov6874Lk for <tls@ietfa.amsl.com>; Tue, 21 May 2019 06:39:33 -0700 (PDT)
Received: from mail.smeinc.net (mail.smeinc.net [209.135.209.11]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7B377120041 for <tls@ietf.org>; Tue, 21 May 2019 06:39:33 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by mail.smeinc.net (Postfix) with ESMTP id 372FB300A9E for <tls@ietf.org>; Tue, 21 May 2019 09:20:15 -0400 (EDT)
X-Virus-Scanned: amavisd-new at mail.smeinc.net
Received: from mail.smeinc.net ([127.0.0.1]) by localhost (mail.smeinc.net [127.0.0.1]) (amavisd-new, port 10026) with ESMTP id sIXzcaWWOZwx for <tls@ietf.org>; Tue, 21 May 2019 09:20:13 -0400 (EDT)
Received: from a860b60074bd.fios-router.home (unknown [138.88.156.37]) by mail.smeinc.net (Postfix) with ESMTPSA id 13B003005AB; Tue, 21 May 2019 09:20:13 -0400 (EDT)
From: Russ Housley <housley@vigilsec.com>
Message-Id: <68386DDF-788B-4170-99C6-82469262DDF2@vigilsec.com>
Content-Type: multipart/alternative; boundary="Apple-Mail=_86AC13F1-04D7-440B-89B4-609043250F6A"
Mime-Version: 1.0 (Mac OS X Mail 12.4 \(3445.104.11\))
Date: Tue, 21 May 2019 09:39:31 -0400
In-Reply-To: <18193F45-9A43-432C-AE7C-009B0F237598@ll.mit.edu>
Cc: IETF TLS <tls@ietf.org>
To: Uri Blumenthal <uri@ll.mit.edu>
References: <CAOgPGoBA8KykyHmLxqSEp51jyXO673Wb==O9KVx+U23k3h1=Tg@mail.gmail.com> <CAOgPGoDArfcX09bXVT58VgsyXspG76Cm9TNaBUmGgaqUB=ULUA@mail.gmail.com> <623BD5EA-1D76-494C-B87D-55FD1156EBD6@vigilsec.com> <71EB9B8A-C410-4A35-A0FE-3E2BE89E7C65@ll.mit.edu> <a58e25b3-dda2-007d-23e5-45441bce0d9b@nthpermutation.com> <18193F45-9A43-432C-AE7C-009B0F237598@ll.mit.edu>
X-Mailer: Apple Mail (2.3445.104.11)
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/mkOCY8NiT30yZKiY316RkX6JtFQ>
Subject: Re: [TLS] WGLC for draft-ietf-tls-tls13-cert-with-extern-psk
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 21 May 2019 13:39:35 -0000
Uri: As my note said, "... until post-quantum algorithms emerge from the NIST process." Russ > On May 20, 2019, at 5:11 PM, Blumenthal, Uri - 0553 - MITLL <uri@ll.mit.edu> wrote: > > One question that I have after reading it: I understand why one wants to implement this extension, but I don’t see how the two endpoints would arrive at that external PSK. > Sadly - we're back to the 1980's in terms of key management. The obvious answers are a) they meet to exchange keys, b) they're given a key through a KDC, c) they get them in the mail. (and I'm really not kidding about (c)) > > I don’t think I get it. There’s a ton of submissions at NIST PQC, most came with some formal proofs. I can’t believe none of them is good enough. Anything from that pool should be better than nothing…? > Also, if you do have a running KDC, why would you want/need TLS 1.3 ECDHE in addition to it? > Would such a pre-shared key be long-term (i.e., good/used for many connections), or is it going to be a use-once thing? > >> >> From: TLS <tls-bounces@ietf.org> <mailto:tls-bounces@ietf.org> on behalf of Russ Housley <housley@vigilsec.com> <mailto:housley@vigilsec.com> >> Date: Monday, May 20, 2019 at 3:21 PM >> To: Joe Salowey <joe@salowey.net> <mailto:joe@salowey.net> >> Cc: IETF TLS <tls@ietf.org> <mailto:tls@ietf.org> >> Subject: Re: [TLS] WGLC for draft-ietf-tls-tls13-cert-with-extern-psk >> >> TLS 1.3 Extension for Certificate-based Authentication with an External PSK ensures the US Government has a quantum-resistant option for TLS in the interim years until post-quantum algorithms emerge from the NIST process. For this reason, there is an intent to specify this extension in future procurements. >> >> Russ >> >> >> >> >>> On May 15, 2019, at 9:20 AM, Joseph Salowey <joe@salowey.net <mailto:joe@salowey.net>> wrote: >>> >>> The last call has come and gone without any comment. Please indicate if you have reviewed the draft even if you do not have issues to raise so the chairs can see who has reviewed it. Also indicate if you have any plans to implement the draft. >>> >>> On Tue, Apr 9, 2019 at 8:51 PM Joseph Salowey <joe@salowey.net <mailto:joe@salowey.net>> wrote: >>>> This is the working group last call for the "TLS 1.3 Extension for Certificate-based Authentication with an External Pre-Shared Key” draft available at https://datatracker.ietf.org/doc/draft-ietf-tls-tls13-cert-with-extern-psk/ <https://datatracker.ietf.org/doc/draft-ietf-tls-tls13-cert-with-extern-psk/>. Please review the document and send your comments to the list by 2359 UTC on 23 April 2019. >>>> >>>> Thanks, >>>> Chris, Joe, and Sean >> >> >> >> >> >> >> _______________________________________________ >> TLS mailing list >> TLS@ietf.org <mailto:TLS@ietf.org> >> https://www.ietf.org/mailman/listinfo/tls <https://www.ietf.org/mailman/listinfo/tls> > > _______________________________________________ > TLS mailing list > TLS@ietf.org <mailto:TLS@ietf.org> > https://www.ietf.org/mailman/listinfo/tls <https://www.ietf.org/mailman/listinfo/tls>
- [TLS] WGLC for draft-ietf-tls-tls13-cert-with-ext… Joseph Salowey
- Re: [TLS] WGLC for draft-ietf-tls-tls13-cert-with… Joseph Salowey
- Re: [TLS] WGLC for draft-ietf-tls-tls13-cert-with… Peter Yee
- Re: [TLS] WGLC for draft-ietf-tls-tls13-cert-with… Paul Hoffman
- Re: [TLS] WGLC for draft-ietf-tls-tls13-cert-with… Russ Housley
- Re: [TLS] WGLC for draft-ietf-tls-tls13-cert-with… Blumenthal, Uri - 0553 - MITLL
- Re: [TLS] WGLC for draft-ietf-tls-tls13-cert-with… Michael StJohns
- Re: [TLS] WGLC for draft-ietf-tls-tls13-cert-with… Blumenthal, Uri - 0553 - MITLL
- Re: [TLS] WGLC for draft-ietf-tls-tls13-cert-with… Geoffrey Keating
- Re: [TLS] WGLC for draft-ietf-tls-tls13-cert-with… Russ Housley
- Re: [TLS] WGLC for draft-ietf-tls-tls13-cert-with… Russ Housley
- Re: [TLS] WGLC for draft-ietf-tls-tls13-cert-with… Russ Housley
- Re: [TLS] WGLC for draft-ietf-tls-tls13-cert-with… Salz, Rich
- Re: [TLS] WGLC for draft-ietf-tls-tls13-cert-with… Russ Housley
- Re: [TLS] WGLC for draft-ietf-tls-tls13-cert-with… Hugo Krawczyk
- Re: [TLS] WGLC for draft-ietf-tls-tls13-cert-with… Christian Huitema
- Re: [TLS] WGLC for draft-ietf-tls-tls13-cert-with… Russ Housley
- Re: [TLS] WGLC for draft-ietf-tls-tls13-cert-with… Christian Huitema
- Re: [TLS] WGLC for draft-ietf-tls-tls13-cert-with… Geoff Keating
- Re: [TLS] WGLC for draft-ietf-tls-tls13-cert-with… Blumenthal, Uri - 0553 - MITLL
- Re: [TLS] WGLC for draft-ietf-tls-tls13-cert-with… Russ Housley
- Re: [TLS] WGLC for draft-ietf-tls-tls13-cert-with… Joseph Salowey