Re: [TLS] External PSK design team

Mohit Sethi M <mohit.m.sethi@ericsson.com> Tue, 21 January 2020 09:45 UTC

Return-Path: <mohit.m.sethi@ericsson.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 84524120096 for <tls@ietfa.amsl.com>; Tue, 21 Jan 2020 01:45:15 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.001
X-Spam-Level:
X-Spam-Status: No, score=-2.001 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ericsson.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id L2VCb8IL-OzX for <tls@ietfa.amsl.com>; Tue, 21 Jan 2020 01:45:10 -0800 (PST)
Received: from EUR05-VI1-obe.outbound.protection.outlook.com (mail-vi1eur05on2047.outbound.protection.outlook.com [40.107.21.47]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id BEB58120043 for <tls@ietf.org>; Tue, 21 Jan 2020 01:45:09 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=GJK9n8YQtgHWm5KsmwLnWNLGQsJTKPrymZmv2FxbhGO0YGWohp8zlhEqAPMJ7PLXXJ1EjmcwNEPIV0sk3crj7yjIuxDy+Tp/SQJx827wv59o+jRe3jkZj/aucQ415LR9khmuuGG2s00XIKrDTalTABLzAS5V9cgCDa9C/4rfuLTknT3PG8NWZMduWS9KU9wYqTNb+tADTGf4MRsbhtOtAonKVysilHphHZg9bUvwuPd4i63/GbGLkUu0GrVAnaeCgeSHUSGn6RobpzRhO/FYfFCzebsWJ3KILPfHsVyFn7Gs440dGYgjK3JpdFlmXPpuFVBdDC5S0bTwcHrU6tldWw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=y7b40XpkJEQrHlbV2N+yHmNSC1kA06EV1EOeA9l0diA=; b=l+VftRmWTbGyhj2byyHJlWyHBZAxor3sKa4MmaSfORafQfkJ9McgywO1HFCU+b+HDhp8g0vjqO3qPqFFoDFj8JDdxJhAr3rY6vP6gY/R358QG2LCoWclW5smradGEAYEXFPsyAvY7wg+6LmIXQIcIWLA6ENHZSjQfMBotABaw7uMvVAC8hgzfHMQtC6KsC1tJinWcj+az1ItGrFD786oOjPKLNjz0n4inkKc7maHTwGh4zl4cHKIa/XtXiAL8kQxfGaZKfSQdyRWRiTPD1lonfkLzOvOxkKj434AWY6zAMuuG4Aa0hmTL1pLYmYPwAjmqFTzz30V+UU2Wtp1eh5W7A==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=ericsson.com; dmarc=pass action=none header.from=ericsson.com; dkim=pass header.d=ericsson.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ericsson.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=y7b40XpkJEQrHlbV2N+yHmNSC1kA06EV1EOeA9l0diA=; b=Ezg+IVJDud8duLHcMvOyFrOpeynDT+HE4L6girn1/0jOoNEDVk8NEwWVD6rf8GQJ3Ks6gArG54uESIN5NfuWTcOnMGappCvxMrQobJOBHFHi696pW7AAwkuHLHLELQARY8F9aqh2uWo2JFMbS2OmsTI02QiaDBfVidm/lDy9jUs=
Received: from DB6PR0701MB2904.eurprd07.prod.outlook.com (10.168.84.145) by DB6PR0701MB3014.eurprd07.prod.outlook.com (10.168.85.143) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2665.14; Tue, 21 Jan 2020 09:45:06 +0000
Received: from DB6PR0701MB2904.eurprd07.prod.outlook.com ([fe80::69fa:e9b6:4a20:3ede]) by DB6PR0701MB2904.eurprd07.prod.outlook.com ([fe80::69fa:e9b6:4a20:3ede%8]) with mapi id 15.20.2665.015; Tue, 21 Jan 2020 09:45:06 +0000
From: Mohit Sethi M <mohit.m.sethi@ericsson.com>
To: =?utf-8?B?Q29sbSBNYWNDw6FydGhhaWdo?= <colm@allcosts.net>, Sean Turner <sean@sn3rd.com>
CC: TLS List <tls@ietf.org>
Thread-Topic: [TLS] External PSK design team
Thread-Index: AQHV0D91KPdtAASUa0WK3syucs03Xg==
Date: Tue, 21 Jan 2020 09:45:06 +0000
Message-ID: <6b080bb0-bdb5-c424-c6c8-596fbeadb588@ericsson.com>
References: <DCF8B276-346E-4323-A57F-04123D8C126C@sn3rd.com> <CAAF6GDc0kE+hftk1fPPPnEr3ADNguJhN7suoOxHQOsrWxHQVVA@mail.gmail.com>
In-Reply-To: <CAAF6GDc0kE+hftk1fPPPnEr3ADNguJhN7suoOxHQOsrWxHQVVA@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.4.1
authentication-results: spf=none (sender IP is ) smtp.mailfrom=mohit.m.sethi@ericsson.com;
x-originating-ip: [2001:14bb:140:3307:cc1e:8406:7a73:dca9]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 7819770b-07fa-4571-e0fd-08d79e5698dc
x-ms-traffictypediagnostic: DB6PR0701MB3014:
x-microsoft-antispam-prvs: <DB6PR0701MB3014ABE0CA0BFF148BEE755FD00D0@DB6PR0701MB3014.eurprd07.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:8882;
x-forefront-prvs: 0289B6431E
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(4636009)(396003)(136003)(39860400002)(346002)(376002)(366004)(199004)(189003)(36756003)(64756008)(76116006)(53546011)(66574012)(966005)(66946007)(66446008)(66556008)(6506007)(66476007)(478600001)(31696002)(86362001)(31686004)(5660300002)(8676002)(316002)(2616005)(6486002)(71200400001)(4326008)(110136005)(186003)(2906002)(81166006)(6512007)(8936002)(81156014); DIR:OUT; SFP:1101; SCL:1; SRVR:DB6PR0701MB3014; H:DB6PR0701MB2904.eurprd07.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1;
received-spf: None (protection.outlook.com: ericsson.com does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: Gu2n8138ec5V0tYrSHEL9wX6sw/SW1xGuPM1xIernNc5H7wIDcb88EtmlX57vRzsiVazXZHPMBl4CvK0V1XJARN5hwoXoyRqPSB7B+tqTjFeBlI17XjEyYi9EBqvLcnom8F1yruPjfyJ3OaDcA8rUxTqP8oVzeuMjAPtfKcwcevH8XPY2plduQimtqEpYwaeMDfPJmg72jdbniwNZ1rw4+HeXRyKyGOvJFeNcK71DTt8WYHj6ka9b8I2A70gcHKDiOyag6npQ1fNoGuHssPaIqUSiAwY8T6VCh8KgQonFm0mt04OO+V70r4bdi8MOZKhMEL35VAUDGtlcJZAMFMljC3lzsfSbjqtLCXzFaP7rcVpHwq9H78mQ4CBiGrjGZ220fIE4sHwqtFX8neuBuVYQrOo4a+/YE3N1mb/xugeNN9ThoBm9rHm65JYAm2u0EulX8op4FXkXrMF5yiDnWQgasyyaHDOW5734D3G41XnwKag3yFsksjGrQylrqRh3czgbP9EncXofTjjaUh8Kfi4ZQ==
x-ms-exchange-antispam-messagedata: QyRRA11KPZkzAX655Nao8gegQF3bXlHUwF3vwhqMK6o0loWdmtn3CI8ZlnHMJt9VqJ63rI0SeLEUijS8qvp7XS6Ct2lU6KBFDQ2uE3eHKXOJCLxImXHd2Az7iyZ0o/zhyLbmv6stj4kUELE375Uef45iuSLsBZab+IXNpKEvrFhSLt4kT08L0pudja2HF9uEWLRy9F828lqdjeG2huERzg==
x-ms-exchange-transport-forked: True
Content-Type: text/plain; charset="utf-8"
Content-ID: <3799B10E19AE1641944968FE03122BD8@eurprd07.prod.outlook.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-OriginatorOrg: ericsson.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 7819770b-07fa-4571-e0fd-08d79e5698dc
X-MS-Exchange-CrossTenant-originalarrivaltime: 21 Jan 2020 09:45:06.4443 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 92e84ceb-fbfd-47ab-be52-080c6b87953f
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: CDoa8zhSLZjhvhY4P6A0LqgQYCkxF6DxrnYWLhLMvXWTcmgKrNvMOezRQ9PTjwvSTcy6MJLWeDU5eqjPGqBBvXD/KrfX867O5WSCR2L0HX0=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DB6PR0701MB3014
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/oZch6fJpcbEvf6uVf4DZ0mCewfA>
Subject: Re: [TLS] External PSK design team
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 21 Jan 2020 09:45:15 -0000

I am certainly interested and willing to contribute. We need some 
consensus on whether PSKs can be shared with more than 2 parties, 
whether the parties can switch roles, etc.

EMU is going to work on EAP-TLS-PSK and the question of 
privacy/identities will pop-up there too.

--Mohit

On 1/21/20 7:33 AM, Colm MacCárthaigh wrote:
> Interested, as it happens - this is something I've been working on at Amazon.
>
> On Mon, Jan 20, 2020 at 8:01 PM Sean Turner <sean@sn3rd.com> wrote:
>> At IETF 106, we discussed forming a design team to focus on external PSK management and usage for TLS. The goal of this team would be to produce a document that discusses considerations for using external PSKs, privacy concerns (and possible mitigations) for stable identities, and more developed mitigations for deployment problems such as Selfie. If you have an interest in participating on this design team, please reply to this message and state so by 2359 UTC 31 January 2020.
>>
>> Cheers,
>>
>> Joe and Sean
>> _______________________________________________
>> TLS mailing list
>> TLS@ietf.org
>> https://www.ietf.org/mailman/listinfo/tls
>
>