[TLS] Re: Feedback on draft-bmw-tls-pake13-01.txt

Rob Sayre <sayrer@gmail.com> Mon, 17 March 2025 18:44 UTC

MIME-Version: 1.0
References: <05B28816-9AA9-4035-B451-8ACFFBE2D4DE@apple.com> <CAChr6Sy1Eew1J5z9at3qEwLRWn+7ZLm0f564LobNQGMD7ANQaA@mail.gmail.com> <CABcZeBOpk2cYAyie4=G5=c6V43HvGB70fKVf_e_bQqnt_4C9WQ@mail.gmail.com> <CAF8qwaAoYEZj_t56unUAqz+SaKw6CvMFJ2NmqNmE8skmjKKSpA@mail.gmail.com> <CAChr6Sw+9bZxjcaJMNbY8UZBbmv5ZDnyb7aGtCjXcrtxvfeoew@mail.gmail.com> <CABcZeBNFPLWcYDhv1axqSwTX_w_yatfbJyih8CUMhZfkK5484g@mail.gmail.com> <CAChr6Syji7TKs6GumtmpZ8_tKXb5UK10_b6HdR1PU8Oni0pTkw@mail.gmail.com> <CABcZeBOHSGBOj_4R0bVdCpaRTcVV6=uHOzvWcY9HFei7PbC1fw@mail.gmail.com> <CAChr6SxFNN4wH=45HANWuFZVX8_2HfX14mS2WayVSe_ide2RWg@mail.gmail.com>
In-Reply-To: <CAChr6SxFNN4wH=45HANWuFZVX8_2HfX14mS2WayVSe_ide2RWg@mail.gmail.com>
From: Rob Sayre <sayrer@gmail.com>
Date: Mon, 17 Mar 2025 11:44:36 -0700
Message-ID: <CAChr6Szz2HS71x2DnekY3Os4LaNEJs704rgSjRhVL9z_VF43jg@mail.gmail.com>
To: Eric Rescorla <ekr@rtfm.com>
Content-Type: multipart/alternative; boundary="000000000000b82c6306308e2e2b"
Message-ID-Hash: JQJRRIR46NK2OXMMLDL7WTGIAU34W26T
CC: Laura Bauman <l_bauman=40apple.com@dmarc.ietf.org>, tls@ietf.org
Precedence: list
Subject: [TLS] Re: Feedback on draft-bmw-tls-pake13-01.txt
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/vlwizFuqMp_AXykc1sf4eeh56qs>

On Mon, Mar 17, 2025 at 10:02 AM Rob Sayre <sayrer@gmail.com> wrote:

> On Mon, Mar 17, 2025 at 9:38 AM Eric Rescorla <ekr@rtfm.com> wrote:
>
>>
>> As above, I don't see what this has to do with PAKEs at all. If you have
>> a third
>> party authentication system, whether sign in with Apple, Google, or some
>> SSO
>> provider, then you don't need to share any secret with the relying party.
>>
>
> In my mind, the idea is that you don't have to rely solely on WebPKI if
> you have that information handy after registration.
>

The other PAKE draft on the agenda explains this motivation better in its
introduction, although the mechanism is different:

https://www.ietf.org/archive/id/draft-guo-pake-pha-tls-01.html#name-introduction

In draft-bmw-tls-pake13-01, the words "such as" are doing a lot of work in
the abstract and introduction. I doubt they are aiming at passwords that a
user types, given all of their other efforts to ditch passwords, but idk.

thanks,
Rob

[TLS] Feedback on draft-bmw-tls-pake13-01.txt Laura Bauman
[TLS] Re: Feedback on draft-bmw-tls-pake13-01.txt Rob Sayre
[TLS] Re: Feedback on draft-bmw-tls-pake13-01.txt Eric Rescorla
[TLS] Re: Feedback on draft-bmw-tls-pake13-01.txt David Benjamin
[TLS] Re: Feedback on draft-bmw-tls-pake13-01.txt Björn Haase
[TLS] Re: Feedback on draft-bmw-tls-pake13-01.txt Rob Sayre
[TLS] Re: Feedback on draft-bmw-tls-pake13-01.txt Eric Rescorla
[TLS] Re: Feedback on draft-bmw-tls-pake13-01.txt Rob Sayre
[TLS] Re: Feedback on draft-bmw-tls-pake13-01.txt Eric Rescorla
[TLS] Re: Feedback on draft-bmw-tls-pake13-01.txt Rob Sayre
[TLS] Re: Feedback on draft-bmw-tls-pake13-01.txt Rob Sayre
[TLS] Re: Feedback on draft-bmw-tls-pake13-01.txt Laura Bauman
[TLS] Re: Feedback on draft-bmw-tls-pake13-01.txt Rob Sayre
[TLS] Re: Feedback on draft-bmw-tls-pake13-01.txt Christopher Patton
[TLS] Re: Feedback on draft-bmw-tls-pake13-01.txt Eric Rescorla
[TLS] Re: Feedback on draft-bmw-tls-pake13-01.txt Christopher Patton
[TLS] Re: Feedback on draft-bmw-tls-pake13-01.txt Eric Rescorla
[TLS] Re: Feedback on draft-bmw-tls-pake13-01.txt Martin Thomson
[TLS] Re: Feedback on draft-bmw-tls-pake13-01.txt Eric Rescorla