IETF Logo Mail Archive

Re: [TLS] Some comments about draft-badra-ecdhe-tls-psk-01

"Dan Harkins" <dharkins@lounge.org> Tue, 29 January 2008 18:52 UTC

Return-path: <tls-bounces@lists.ietf.org>
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1JJvZP-0007cT-5u; Tue, 29 Jan 2008 13:52:31 -0500
Received: from tls by megatron.ietf.org with local (Exim 4.43) id 1JJvZO-0007bU-66 for tls-confirm+ok@megatron.ietf.org; Tue, 29 Jan 2008 13:52:30 -0500
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1JJvZN-0007bJ-Rm for tls@ietf.org; Tue, 29 Jan 2008 13:52:29 -0500
Received: from colo.trepanning.net ([69.55.226.174]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1JJvZM-00087u-Dt for tls@ietf.org; Tue, 29 Jan 2008 13:52:29 -0500
Received: from www.trepanning.net (localhost [127.0.0.1]) by colo.trepanning.net (Postfix) with ESMTP id A01601FA6204; Tue, 29 Jan 2008 10:52:27 -0800 (PST)
Received: from 216.31.249.246 (SquirrelMail authenticated user dharkins@lounge.org) by www.trepanning.net with HTTP; Tue, 29 Jan 2008 10:52:27 -0800 (PST)
Message-ID: <28109.216.31.249.246.1201632747.squirrel@www.trepanning.net>
In-Reply-To: <B356D8F434D20B40A8CEDAEC305A1F24052E8740@esebe105.NOE.Nokia.com>
References: <B356D8F434D20B40A8CEDAEC305A1F240511959C@esebe105.NOE.Nokia.com> <87sl15pxnx.fsf@mocca.josefsson.org> <B356D8F434D20B40A8CEDAEC305A1F24052E8740@esebe105.NOE.Nokia.com>
Date: Tue, 29 Jan 2008 10:52:27 -0800
Subject: Re: [TLS] Some comments about draft-badra-ecdhe-tls-psk-01
From: Dan Harkins <dharkins@lounge.org>
To: Pasi.Eronen@nokia.com
User-Agent: SquirrelMail/1.4.8
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
X-Priority: 3 (Normal)
Importance: Normal
Content-Transfer-Encoding: quoted-printable
X-Spam-Score: -0.0 (/)
X-Scan-Signature: 9466e0365fc95844abaf7c3f15a05c7d
Cc: tls@ietf.org
X-BeenThere: tls@lists.ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.lists.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@lists.ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/tls>
List-Post: <mailto:tls@lists.ietf.org>
List-Help: <mailto:tls-request@lists.ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@lists.ietf.org?subject=subscribe>
Errors-To: tls-bounces@lists.ietf.org

  Hi Pasi,

On Tue, January 29, 2008 4:51 am, Pasi.Eronen@nokia.com wrote:
> <not wearing any hats>
>
> Overall comment: While the technical solution is reasonably defined
> and scoped, do we have any evidence that someone cares about it?
> I.e., do we have information suggesting that if this was specified,
> it would actually be used in real world? If we don't, let's not
> spend WG time on it...

  Personally I would view a password-based authentication scheme that
assumes the shared key is a low-entropy one or is selected from a limited
set of keys, like a dictionary, as more useful to the real world. I
believe that is the predominant access method used in the Internet today.

  IEEE P1363.2 has a draft out describing password-based authentication
protocols using elliptic curves.

  While a password-based authentication scheme would be _more_ useful
I still think there's value in pursuing a PSK-based scheme using elliptic
curves. It's an efficient alternative to the existing PSK cipher suites
that use groups based on exponentiation modulus a large prime.

  Dan.





_______________________________________________
TLS mailing list
TLS@lists.ietf.org
https://www1.ietf.org/mailman/listinfo/tls

v2.23.0 | Report a Bug | By Email