Re: [TLS] Binder key labels for imported PSKs

"Salz, Rich" <rsalz@akamai.com> Wed, 06 November 2019 02:02 UTC

From: "Salz, Rich" <rsalz@akamai.com>
To: Sean Turner <sean@sn3rd.com>, TLS List <tls@ietf.org>
Date: Wed, 6 Nov 2019 02:02:44 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/nfxyUalhTfea5LI2CEIRCXqQ9nA>
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>

> Do people agree that we want to prevent PSK Importers from being confused with standard OOB PSKs and that we should do this by changing the label used in the computation of the PSK binder key?
  
Obviously.
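
Added example, not part of the original message or of any draft text: the TLS 1.3 PSK binder computation from RFC 8446 (SHA-256 case), showing what the label change asked about in the quoted question provides. The label "imp binder" is the one later specified in RFC 9258 and does not appear in this message; the PSK and ClientHello bytes are constructed sample values, and the helper names are this example's own.

```python
import hashlib
import hmac
import struct

HASH = hashlib.sha256
HASH_LEN = HASH().digest_size

def hkdf_extract(salt: bytes, ikm: bytes) -> bytes:
    return hmac.new(salt, ikm, HASH).digest()

def hkdf_expand(prk: bytes, info: bytes, length: int) -> bytes:
    out, block, counter = b"", b"", 1
    while len(out) < length:
        block = hmac.new(prk, block + info + bytes([counter]), HASH).digest()
        out += block
        counter += 1
    return out[:length]

def hkdf_expand_label(secret: bytes, label: bytes, context: bytes, length: int) -> bytes:
    # HkdfLabel from RFC 8446 section 7.1: uint16 length, "tls13 " + label, context
    full = b"tls13 " + label
    info = struct.pack("!H", length) + bytes([len(full)]) + full \
        + bytes([len(context)]) + context
    return hkdf_expand(secret, info, length)

def binder_key(psk: bytes, label: bytes) -> bytes:
    # Early Secret = HKDF-Extract(0, PSK); binder_key = Derive-Secret(., label, "")
    early_secret = hkdf_extract(b"\x00" * HASH_LEN, psk)
    return hkdf_expand_label(early_secret, label, HASH(b"").digest(), HASH_LEN)

def compute_binder(psk: bytes, label: bytes, truncated_client_hello: bytes) -> bytes:
    # The binder is a Finished-style MAC over the truncated ClientHello transcript.
    finished_key = hkdf_expand_label(binder_key(psk, label), b"finished", b"", HASH_LEN)
    return hmac.new(finished_key, HASH(truncated_client_hello).digest(), HASH).digest()

def verify_binder(psk: bytes, label: bytes, truncated_client_hello: bytes, binder: bytes) -> bool:
    expected = compute_binder(psk, label, truncated_client_hello)
    return hmac.compare_digest(expected, binder)

# Constructed sample inputs. The same key bytes are used under both labels
# to isolate the effect of the label alone.
SAMPLE_PSK = bytes(range(32))
SAMPLE_HELLO = b"constructed truncated ClientHello bytes"

if __name__ == "__main__":
    as_external = compute_binder(SAMPLE_PSK, b"ext binder", SAMPLE_HELLO)
    # An endpoint that treats the key as imported rejects a binder made with the OOB label.
    print("accepted as imported:", verify_binder(SAMPLE_PSK, b"imp binder", SAMPLE_HELLO, as_external))
    print("accepted as external:", verify_binder(SAMPLE_PSK, b"ext binder", SAMPLE_HELLO, as_external))
```

With distinct labels, the two endpoints must agree on how the key was provisioned before the binder verifies, so a handshake fails at the binder check rather than proceeding with mismatched assumptions.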