Re: [TLS] Straw poll on TLS SRP status
Yoav Nir <ynir@checkpoint.com> Fri, 01 June 2007 08:25 UTC
Return-path: <tls-bounces@lists.ietf.org>
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1Hu2RW-0007nX-6p; Fri, 01 Jun 2007 04:25:06 -0400
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1Hu2RV-0007nM-5D for tls@ietf.org; Fri, 01 Jun 2007 04:25:05 -0400
Received: from michael.checkpoint.com ([194.29.32.68]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1Hu2RT-0005xG-LI for tls@ietf.org; Fri, 01 Jun 2007 04:25:05 -0400
Received: from [172.31.24.80] (localhost [127.0.0.1]) by michael.checkpoint.com (8.12.10+Sun/8.12.10) with ESMTP id l518OmFB003329; Fri, 1 Jun 2007 11:24:53 +0300 (IDT)
In-Reply-To: <E1HtPtO-0002Rn-00@medusa01.cs.auckland.ac.nz>
References: <E1HtPtO-0002Rn-00@medusa01.cs.auckland.ac.nz>
Mime-Version: 1.0 (Apple Message framework v752.3)
Content-Type: text/plain; charset="US-ASCII"; delsp="yes"; format="flowed"
Message-Id: <D9FE6DEF-E407-44CA-8197-9063B5AA6EFC@checkpoint.com>
Content-Transfer-Encoding: 7bit
From: Yoav Nir <ynir@checkpoint.com>
Subject: Re: [TLS] Straw poll on TLS SRP status
Date: Fri, 01 Jun 2007 11:24:30 +0300
To: Peter Gutmann <pgut001@cs.auckland.ac.nz>
X-Mailer: Apple Mail (2.752.3)
X-Spam-Score: 0.0 (/)
X-Scan-Signature: e1e48a527f609d1be2bc8d8a70eb76cb
Cc: tls@ietf.org
X-BeenThere: tls@lists.ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.lists.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@lists.ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/tls>
List-Post: <mailto:tls@lists.ietf.org>
List-Help: <mailto:tls-request@lists.ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@lists.ietf.org?subject=subscribe>
Errors-To: tls-bounces@lists.ietf.org
I know SRP has the capability to do the whole key exchange, but why do we need it. The problem that both extensions are trying to solve is the problem of using passwords for authentication within TLS. TLS has a perfectly good way for keying already. But again, I'm not saying that SRP should not be used. I'm only saying that we don't need its key-exchange capabilities in this particular context. On May 30, 2007, at 6:15 PM, Peter Gutmann wrote: > Yoav Nir <ynir@checkpoint.com> writes: > >> I think SRP should not be a stand-alone extension, but rather that >> it should >> be introduced as part of EAP. >> >> The choice is between separate extensions for SRP and for each >> authentication >> method, or to introduce them all at once under EAP, as was done in >> IKEv2. > > Is it possible to do this though? Using the taxonomy I posted > earlier, TLS- > SRP would seem to fall into the "modify the crypto portion of the TLS > handshake" bucket (alongside TLS-KRB5 and TLS-PSK), which means > that you > couldn't really do it inside EAP. Admittedly you could do a > standard TLS > handshake and then follow it up with SRP inside EAP purely for the > authentication portion, but that seems (a) messy (see draft-iab- > auth-mech-*) > and (b) a bit of a waste of SRP's capabilities, since it can do the > whole key > exchange step as well. > > Peter. > _______________________________________________ TLS mailing list TLS@lists.ietf.org https://www1.ietf.org/mailman/listinfo/tls
- Re: [TLS] Straw poll on TLS SRP status Tom Wu
- [TLS] Straw poll on TLS SRP status Pasi.Eronen
- Re: [TLS] Straw poll on TLS SRP status Peter Gutmann
- [TLS] Re: Straw poll on TLS SRP status Simon Josefsson
- [TLS] RE: Straw poll on TLS SRP status Pasi.Eronen
- Re: [TLS] Straw poll on TLS SRP status Yoav Nir
- Re: [TLS] RE: Straw poll on TLS SRP status badra
- Re: [TLS] RE: Straw poll on TLS SRP status Peter Gutmann
- Re: [TLS] Straw poll on TLS SRP status Chris Newman
- Re: [TLS] RE: Straw poll on TLS SRP status Tom Wu
- Re: [TLS] Straw poll on TLS SRP status Trevor Perrin
- Re: [TLS] Straw poll on TLS SRP status Steven M. Bellovin
- Re: [TLS] Straw poll on TLS SRP status Nelson B Bolyard
- [TLS] Re: Straw poll on TLS SRP status Simon Josefsson
- RE: [TLS] Straw poll on TLS SRP status Pasi.Eronen
- Re: [TLS] Straw poll on TLS SRP status Paul Hoffman
- Re: [TLS] Straw poll on TLS SRP status tom.petch
- Re: [TLS] Straw poll on TLS SRP status Tom Wu
- Re: [TLS] Straw poll on TLS SRP status Trevor Perrin
- Re: [TLS] Straw poll on TLS SRP status Peter Gutmann
- Re: [TLS] Straw poll on TLS SRP status Yoav Nir
- Re: [TLS] Straw poll on TLS SRP status Peter Gutmann
- RE: [TLS] Straw poll on TLS SRP status Pasi.Eronen
- Re: [TLS] Straw poll on TLS SRP status Yoav Nir
- Re: [TLS] Straw poll on TLS SRP status Brian Minard
- RE: [TLS] Straw poll on TLS SRP status Paul Hoffman
- Re: [TLS] Straw poll on TLS SRP status Martin Rex
- RE: [TLS] Straw poll on TLS SRP status Kemp, David P.
- Re: [TLS] Straw poll on TLS SRP status Martin Rex
- RE: [TLS] Straw poll on TLS SRP status Kemp, David P.
- Re: [TLS] Straw poll on TLS SRP status Martin Rex
- Re: [TLS] Straw poll on TLS SRP status Peter Gutmann
- Re: [TLS] Straw poll on TLS SRP status Peter Gutmann
- Re: [TLS] Straw poll on TLS SRP status Martin Rex
- Re: [TLS] Straw poll on TLS SRP status Yoav Nir
- Re: [TLS] Straw poll on TLS SRP status Peter Gutmann
- Re: [TLS] Straw poll on TLS SRP status Tom Wu
- Re: [TLS] Straw poll on TLS SRP status Peter Sylvester
- RE: [TLS] Straw poll on TLS SRP status Kemp, David P.
- Re: [TLS] Straw poll on TLS SRP status Tom Wu
- Re: [TLS] Straw poll on TLS SRP status Jeffrey Altman
- Re: [TLS] Straw poll on TLS SRP status Jeffrey Altman
- Re: [TLS] Straw poll on TLS SRP status Yoav Nir
- Re: [TLS] Straw poll on TLS SRP status Yoav Nir
- Re: [TLS] Straw poll on TLS SRP status Tom Wu
- RE: [TLS] Straw poll on TLS SRP status Peter Gutmann
- Re: [TLS] Straw poll on TLS SRP status Peter Gutmann
- Re: [TLS] Straw poll on TLS SRP status Yoav Nir
- Re: [TLS] Straw poll on TLS SRP status Peter Gutmann
- Re: [TLS] Straw poll on TLS SRP status Yoav Nir
- Re: [TLS] Straw poll on TLS SRP status Peter Gutmann
- Re: [TLS] Straw poll on TLS SRP status Peter Sylvester
- Re: [TLS] Straw poll on TLS SRP status Nikos Mavrogiannopoulos
- RE: [TLS] Straw poll on TLS SRP status Kemp, David P.
- Re: [TLS] Straw poll on TLS SRP status Peter Sylvester
- Re: [TLS] Straw poll on TLS SRP status Martin Rex
- Re: [***SPAM*** Score/Req: 11.0/5.0] Re: [TLS] St… Jeffrey Altman
- Re: [TLS] Straw poll on TLS SRP status Eric Rescorla
- Re: [TLS] Straw poll on TLS SRP status Martin Rex