Re: [TLS] External PSK design team // Scope for "Low-entropy PSK" applications

Björn Haase <bjoern.haase@endress.com> Tue, 21 January 2020 16:03 UTC

Return-Path: <bjoern.haase@endress.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3978B1208F4 for <tls@ietfa.amsl.com>; Tue, 21 Jan 2020 08:03:22 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level:
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, HTTPS_HTTP_MISMATCH=0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=endress.com header.b=QW9Kgo4z; dkim=fail (1024-bit key) reason="fail (body has been altered)" header.d=endress.com header.b=JlegtTH4
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id MC-KwXiAiRy7 for <tls@ietfa.amsl.com>; Tue, 21 Jan 2020 08:03:15 -0800 (PST)
Received: from EUR04-DB3-obe.outbound.protection.outlook.com (mail-eopbgr60069.outbound.protection.outlook.com [40.107.6.69]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id F047D1208E8 for <tls@ietf.org>; Tue, 21 Jan 2020 08:03:13 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=endress.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=efnSQI+vBF09X7nrhy1XE1Q1Eox5XzpNB2PwD1Z9MA8=; b=QW9Kgo4zOd4iqqTWi0eQbk8o3yniLPGNB608eBExZ+kaiwlzaYFZxDMt4y1RLLHcqUmeVr22sHd0Di4b8FVYGoaAN9OYkjDVP7Wzn/y4UyS3hMB+sVNZQUdI3ru9Nhm+hwP0pJ74yyqm0WQ5QcYg2xtpSF2Yjioa4rvCJjkYcas=
Received: from AM3PR05CA0151.eurprd05.prod.outlook.com (2603:10a6:207:3::29) by DB6PR0501MB2840.eurprd05.prod.outlook.com (2603:10a6:4:85::16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2644.23; Tue, 21 Jan 2020 16:03:11 +0000
Received: from VE1EUR03FT040.eop-EUR03.prod.protection.outlook.com (2a01:111:f400:7e09::203) by AM3PR05CA0151.outlook.office365.com (2603:10a6:207:3::29) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2644.20 via Frontend Transport; Tue, 21 Jan 2020 16:03:11 +0000
Authentication-Results: spf=pass (sender IP is 13.79.242.66) smtp.mailfrom=endress.com; ietf.org; dkim=fail (body hash did not verify) header.d=endress.com;ietf.org; dmarc=pass action=none header.from=endress.com;
Received-SPF: Pass (protection.outlook.com: domain of endress.com designates 13.79.242.66 as permitted sender) receiver=protection.outlook.com; client-ip=13.79.242.66; helo=iqsuite.endress.com;
Received: from iqsuite.endress.com (13.79.242.66) by VE1EUR03FT040.mail.protection.outlook.com (10.152.18.210) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384) id 15.20.2644.23 via Frontend Transport; Tue, 21 Jan 2020 16:03:11 +0000
Received: from mail pickup service by iqsuite.endress.com with Microsoft SMTPSVC; Tue, 21 Jan 2020 17:03:10 +0100
Received: from EUR04-DB3-obe.outbound.protection.outlook.com ([104.47.12.56]) by iqsuite.endress.com over TLS secured channel with Microsoft SMTPSVC(8.5.9600.16384); Tue, 21 Jan 2020 17:03:09 +0100
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=jdGY7oq0r0PBiyCsZzk8ufrSJv0c6i+wQdn4hcrdDEOTKcdjQzR37JGrY/d75yjxwAJSkcOxTrxq2NCQUqzG3YbiYi0I1D3bw/TI9TuiceXyco1AWO0govtm8ccLw8IpHkVozrGykG1j9O92dP4ATrCy3XzB/7kZYvOWwM3XghYC0oho8edHtp9liu7wmtcpTwLMG1gs6yYpUW0Zr5wjuhML67275i1Q7sSh/IfLE+kYmmMpsecSO3iuBG61TF7t+y9vZsJmnPOgP7WKLjyxBJL51E7xcAFrdMbUuKgwC+4O0dev8Be7v8FwINv4R2y+fWnE5n1Sp3+TaEPQYq5ObA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=QAyDza00BoiPYoej4UhOopdkeG4DkYPwQTrcDGNDSTE=; b=jR6wPLwcWE3YnOfBpwUFuHjaSOyP3OzKZdUPE1fKJNdeuJlhVj85MiAC/PZ4/E57iqxFGmzvUkhEsNjdSlsb/dv0Q19UykJRKz0B+mh/2EG6E8Ql8ublaSCYDnQQR2X4y25zLu2MPBXv5O2KCbgSjOLIOyM+yDqpSvdHt09Nst4laZBbmZW4mdwoZ6e9KUojymcIDrxsP0RH/qpGsOQc0C1Ux8I2P/Bj2fMR6Djv4xuAwP3hUcFGQahQv/R9IxYx3RmGzo3Cwc/wXuOspnTDk6/QC1zIZbqLq/KkZjAHOKUsUx5IVn2kWuGMSuJpn5QVEK8rckIWSKtxbiT70ZiB4Q==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=endress.com; dmarc=pass action=none header.from=endress.com; dkim=pass header.d=endress.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=endress.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=QAyDza00BoiPYoej4UhOopdkeG4DkYPwQTrcDGNDSTE=; b=JlegtTH4epXyOTnO2kzuRCaubVw5iohL0blAdgCIGzVwP5DkYyhqjzf0D5E8U8tlGnhiAIt/4cNOyPYDYcHP82BQYiRa8KYuTuZT6m/rrEAm9DhMhAzUnqwPQXWdR8ZDO1DvfrS6Vgq3voPQ3WfNbbNORmuvED9+g6NBFi6dVYs=
Received: from VI1PR05MB6509.eurprd05.prod.outlook.com (20.179.25.86) by VI1PR05MB6462.eurprd05.prod.outlook.com (20.179.24.214) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2644.22; Tue, 21 Jan 2020 16:03:08 +0000
Received: from VI1PR05MB6509.eurprd05.prod.outlook.com ([fe80::c86b:8318:bcac:cd1b]) by VI1PR05MB6509.eurprd05.prod.outlook.com ([fe80::c86b:8318:bcac:cd1b%4]) with mapi id 15.20.2644.027; Tue, 21 Jan 2020 16:03:08 +0000
From: =?utf-8?B?QmrDtnJuIEhhYXNl?= <bjoern.haase@endress.com>
To: Eric Rescorla <ekr@rtfm.com>, Jonathan Hoyland <jonathan.hoyland@gmail.com>
CC: Mohit Sethi M <mohit.m.sethi=40ericsson.com@dmarc.ietf.org>, TLS List <tls@ietf.org>
Thread-Topic: [TLS] External PSK design team // Scope for "Low-entropy PSK" applications
Thread-Index: AdXQdD+hydKw7s0PRmW3aBIBN/73FQ==
Content-Class:
Date: Tue, 21 Jan 2020 16:03:08 +0000
Message-ID: <VI1PR05MB6509A9CD4D51A2E7D4BDD200830D0@VI1PR05MB6509.eurprd05.prod.outlook.com>
Accept-Language: de-DE, en-US
Content-Language: de-DE
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
msip_labels: MSIP_Label_2988f0a4-524a-45f2-829d-417725fa4957_Enabled=True; MSIP_Label_2988f0a4-524a-45f2-829d-417725fa4957_SiteId=52daf2a9-3b73-4da4-ac6a-3f81adc92b7e; MSIP_Label_2988f0a4-524a-45f2-829d-417725fa4957_Owner=bjoern.haase@endress.com; MSIP_Label_2988f0a4-524a-45f2-829d-417725fa4957_SetDate=2020-01-21T16:03:06.8688080Z; MSIP_Label_2988f0a4-524a-45f2-829d-417725fa4957_Name=Not Protected; MSIP_Label_2988f0a4-524a-45f2-829d-417725fa4957_Application=Microsoft Azure Information Protection; MSIP_Label_2988f0a4-524a-45f2-829d-417725fa4957_ActionId=b891aa48-528a-4ea3-b664-dd1a0e957cd8; MSIP_Label_2988f0a4-524a-45f2-829d-417725fa4957_Extended_MSFT_Method=Automatic
Authentication-Results-Original: spf=none (sender IP is ) smtp.mailfrom=bjoern.haase@endress.com;
x-originating-ip: [93.240.145.106]
x-ms-publictraffictype: Email
X-MS-Office365-Filtering-Correlation-Id: 4b6f70d5-f9fc-4460-ae72-08d79e8b69f9
X-MS-TrafficTypeDiagnostic: VI1PR05MB6462:|DB6PR0501MB2840:
X-Microsoft-Antispam-PRVS: <DB6PR0501MB2840933AA21EBD77E9B25919830D0@DB6PR0501MB2840.eurprd05.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:9508;OLM:9508;
x-forefront-prvs: 0289B6431E
X-Forefront-Antispam-Report-Untrusted: SFV:NSPM; SFS:(10009020)(4636009)(376002)(366004)(136003)(346002)(396003)(39860400002)(189003)(199004)(8936002)(2906002)(81156014)(86362001)(53546011)(6506007)(8676002)(52536014)(186003)(19627235002)(85202003)(81166006)(85182001)(26005)(5660300002)(316002)(9686003)(4326008)(110136005)(7696005)(54906003)(66946007)(76116006)(66476007)(66556008)(66446008)(64756008)(55016002)(66574012)(33656002)(966005)(71200400001)(478600001)(45080400002); DIR:OUT; SFP:1101; SCL:1; SRVR:VI1PR05MB6462; H:VI1PR05MB6509.eurprd05.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1;
received-spf: None (protection.outlook.com: endress.com does not designate permitted sender hosts)
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam-Untrusted: BCL:0;
X-Microsoft-Antispam-Message-Info-Original: dYFXKJ/glCesntGZeY9892IcRf8sMvmGJFtArer7XN9e081cqvslBgJ6LIvIDYBIQrLfXMZkl1yfh53u0iIKn4acgBgeG1finZ/rxicQrV1GL9ptFN2geqTDbo3CM9Y00Yz5JrDIs0AlzmCpPQqLmxjO7UamPMgcmn2NsJMv8htQN5Z0PmCY1Z1X62fjI/z33ydhifNx7xoGTI5bPknPZ0enGkbZf8CzT2hw0KA2eaZFSYergrm3YUtdb2x0gzZ0Zs9t46MbBzKcExAxAiCS42c0/ZcGEbe1NVdbwdV3MbLR4Hqh/GrutZrFt5gHaJbGqdm8OJ7ZCKBIA8YG1XmTVenfqMgGiKef9TLmZ0z6/yV9Uykf3BaiHPx3ErQUznw1JkwwisrqH94qPbRTkAGPR9F+tDaXL994kSUcRcAqWLB7Dy94naesfH8o8cpqxbZoaC0INfxj71XE3+XMKFXXEeXDHqiLZs0228enM4W8mSkzREGJagf6joqW+Qaa7JPocBINL2EvngS8jTotoXbpWg==
x-ms-exchange-transport-forked: True
Content-Type: multipart/alternative; boundary="_000_VI1PR05MB6509A9CD4D51A2E7D4BDD200830D0VI1PR05MB6509eurp_"
MIME-Version: 1.0
X-MS-Exchange-Transport-CrossTenantHeadersStamped: VI1PR05MB6462
X-OriginalArrivalTime: 21 Jan 2020 16:03:09.0460 (UTC) FILETIME=[467BCD40:01D5D074]
X-Trailer: 1
X-GBS-PROC: CD7fNoXjN9OUZRaiK1tDH9y/ussmkNhFx0KOyE2TjWs=
X-GRP-TAN: IQNE02@9D89C865314249BA82F018D610A4B86E
X-iqsuite-process: processed
X-EOPAttributedMessage: 0
X-MS-Exchange-Transport-CrossTenantHeadersStripped: VE1EUR03FT040.eop-EUR03.prod.protection.outlook.com
X-Forefront-Antispam-Report: CIP:13.79.242.66; IPV:; CTRY:IE; EFV:NLI; SFV:NSPM; SFS:(10009020)(4636009)(39860400002)(136003)(376002)(346002)(396003)(199004)(189003)(26005)(81156014)(33964004)(30864003)(186003)(15974865002)(7696005)(8936002)(336012)(53546011)(6506007)(85182001)(478600001)(81166006)(33656002)(356004)(86362001)(52536014)(19627235002)(5660300002)(8676002)(66574012)(55016002)(4326008)(70586007)(70206006)(9686003)(85202003)(316002)(2906002)(110136005)(966005)(54906003)(45080400002); DIR:OUT; SFP:1101; SCL:1; SRVR:DB6PR0501MB2840; H:iqsuite.endress.com; FPR:; SPF:Pass; LANG:en; PTR:InfoDomainNonexistent; A:1; MX:1;
X-MS-Office365-Filtering-Correlation-Id-Prvs: c0e8a12a-b796-4c05-4da5-08d79e8b6845
X-Forefront-PRVS: 0289B6431E
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: gm6QBQkb9X9xzNpdkJsWWASaiUkS66Vg5Z0zBd+FAxNWbkGan/2BS8ECDVeOGOmVi/iEUk2hDX9cFiGjyCtxJYSD0Vp0oQCmBne8EMoIabiskJhftu69T6Fcho3e//pSgYgoTVdnGRUEKvvPIQ4P5Aboqj3g/CzCAFsSTwiv1A5HqRL/8XrpKifhSSxZ8eYLoSsGtnQhROIBCZ3EdRo63v20rZOw9Ul69flhvcbvyV1TBq1VARrgoy6/2l1hCTt77qwqyvSEICuAGS1Q+2z06pUsxB0KyPBR2DBrr4RlxgmkYyChoC0IL+LxybCmgx8cfU6kkJezUwVr0f4kHQueAwoa0ZgJ6GpsT8/eF466ldF9hyeHcL/KncpFWgyuGg0/5tVjRoZUap64ITMF2SysMNaoXEB5rajAJW/8l+0nlRF79eV+9kM6V/xAfMnf6vFH415Sd6Udr0oCaLcsn90VoEMWbjSY8968Vj3QbsYy8vMpiIzJlRTbiRxfj02tVOpE1Is2hFgf2uz8ZUzNCIAwqA==
X-OriginatorOrg: endress.com
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 21 Jan 2020 16:03:11.0857 (UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id: 4b6f70d5-f9fc-4460-ae72-08d79e8b69f9
X-MS-Exchange-CrossTenant-Id: 52daf2a9-3b73-4da4-ac6a-3f81adc92b7e
X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=52daf2a9-3b73-4da4-ac6a-3f81adc92b7e; Ip=[13.79.242.66]; Helo=[iqsuite.endress.com]
X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DB6PR0501MB2840
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/x8PCBTG5jq5u5zYRyXXpdwQK0tQ>
Subject: Re: [TLS] External PSK design team // Scope for "Low-entropy PSK" applications
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 21 Jan 2020 16:03:22 -0000

A question regarding the scope of the PSK design team:

In my opinion there is definitely a need for a secure solution for “low-entropy PSK” approaches. It seems that this topic does not seem to be within the scope that Sethi Mohit did have in mind.
If this topic would be out of the scope of the PSK design team, would there be another team working on this “Low-entropy PSK” aspect?

Yours,

Björn


Mit freundlichen Grüßen I Best Regards 

Dr. Björn Haase 


Senior Expert Electronics | TGREH Electronics Hardware
Endress+Hauser Conducta GmbH+Co.KG | Dieselstrasse 24 | 70839 Gerlingen | Germany
Phone: +49 7156 209 377 | Fax: +49 7156 209 221
bjoern.haase@endress.com |  www.conducta.endress.com 





Endress+Hauser Conducta GmbH+Co.KG
Amtsgericht Stuttgart HRA 201908
Sitz der Gesellschaft: Gerlingen
Persönlich haftende Gesellschafterin:
Endress+Hauser Conducta Verwaltungsgesellschaft mbH
Sitz der Gesellschaft: Gerlingen
Amtsgericht Stuttgart HRA 201929
Geschäftsführer: Dr. Manfred Jagiella

 
Gemäss Datenschutzgrundverordnung sind wir verpflichtet, Sie zu informieren, wenn wir personenbezogene Daten von Ihnen erheben.
Dieser Informationspflicht kommen wir mit folgendem Datenschutzhinweis (https://www.endress.com/de/cookies-endress+hauser-website) nach.

 



Disclaimer: 

The information transmitted is intended only for the person or entity to which it is addressed and may contain confidential, proprietary, and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited. If you receive this in error, please contact the sender and delete the material from any computer. This e-mail does not constitute a contract offer, a contract amendment, or an acceptance of a contract offer unless explicitly and conspicuously designated or stated as such.
 



Von: Eric Rescorla <ekr@rtfm.com>
Gesendet: Dienstag, 21. Januar 2020 15:52
An: Jonathan Hoyland <jonathan.hoyland@gmail.com>
Cc: Mohit Sethi M <mohit.m.sethi=40ericsson.com@dmarc.ietf.org>rg>; Björn Haase <bjoern.haase@endress.com>om>; TLS List <tls@ietf.org>
Betreff: Re: [TLS] External PSK design team

I am willing to contribute.

-Ekr


On Tue, Jan 21, 2020 at 2:50 AM Jonathan Hoyland <jonathan.hoyland@gmail.com<mailto:jonathan.hoyland@gmail.com>> wrote:
Hi All,

This is something I'm very interested in.

Definitely want to participate.

Regards,

Jonathan

On Tue, 21 Jan 2020 at 10:04, Mohit Sethi M <mohit.m.sethi=40ericsson.com@dmarc.ietf.org<mailto:40ericsson.com@dmarc.ietf.org>> wrote:
I would let CFRG deal with the PAKE selection process:
https://mailarchive.ietf.org/arch/msg/cfrg/-a1sW3jK_5avmb98zmFbCNLmpAs<https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fmailarchive.ietf.org%2Farch%2Fmsg%2Fcfrg%2F-a1sW3jK_5avmb98zmFbCNLmpAs&data=02%7C01%7Cbjoern.haase%40endress.com%7C85118d6ee98248a1f7f308d79e819bea%7C52daf2a93b734da4ac6a3f81adc92b7e%7C1%7C0%7C637152151820406718&sdata=A830vq0AbXV5EnAGgvMFk%2F5nZEn1HLY8lwYxkK311ns%3D&reserved=0>
and not have this design team spend time and energy on designing PAKEs.

--Mohit

On 1/21/20 11:52 AM, Björn Haase wrote:
> Hello to all,
>
> I am also willing to contribute. My concern is that I observe that in some industrial control applications, PSK mechanisms (that actually require high-entropy keys) are (mis)-used in conjunction with TLS, where the PSK is actually of insufficient entropy (maybe derived only from a 4 digit PIN).
>
> In order to fix this issue, I'd really appreciate to have an PSK-style TLS operation using a balanced PAKE (note that this could be implemented with virtually no computational overhead in comparison to conventional ECDH session key generation).
>
> Yours,
>
> Björn.
>
>
>
> Mit freundlichen Grüßen I Best Regards
>
> Dr. Björn Haase
>
>
> Senior Expert Electronics | TGREH Electronics Hardware
> Endress+Hauser Conducta GmbH+Co.KG | Dieselstrasse 24 | 70839 Gerlingen | Germany
> Phone: +49 7156 209 377 | Fax: +49 7156 209 221
> bjoern.haase@endress.com<mailto:bjoern.haase@endress.com> |  www.conducta.endress.com<http://www.conducta.endress.com>
>
>
>
>
>
> Endress+Hauser Conducta GmbH+Co.KG
> Amtsgericht Stuttgart HRA 201908
> Sitz der Gesellschaft: Gerlingen
> Persönlich haftende Gesellschafterin:
> Endress+Hauser Conducta Verwaltungsgesellschaft mbH
> Sitz der Gesellschaft: Gerlingen
> Amtsgericht Stuttgart HRA 201929
> Geschäftsführer: Dr. Manfred Jagiella
>
>
> Gemäss Datenschutzgrundverordnung sind wir verpflichtet, Sie zu informieren, wenn wir personenbezogene Daten von Ihnen erheben.
> Dieser Informationspflicht kommen wir mit folgendem Datenschutzhinweis (https://www.endress.com/de/cookies-endress+hauser-website) nach.
>
>
>
>
>
> Disclaimer:
>
> The information transmitted is intended only for the person or entity to which it is addressed and may contain confidential, proprietary, and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited. If you receive this in error, please contact the sender and delete the material from any computer. This e-mail does not constitute a contract offer, a contract amendment, or an acceptance of a contract offer unless explicitly and conspicuously designated or stated as such.
>
>
>
> -----Ursprüngliche Nachricht-----
> Von: TLS <tls-bounces@ietf.org<mailto:tls-bounces@ietf.org>> Im Auftrag von Mohit Sethi M
> Gesendet: Dienstag, 21. Januar 2020 10:45
> An: Colm MacCárthaigh <colm@allcosts.net<mailto:colm@allcosts.net>>; Sean Turner <sean@sn3rd.com<mailto:sean@sn3rd.com>>
> Cc: TLS List <tls@ietf.org<mailto:tls@ietf.org>>
> Betreff: Re: [TLS] External PSK design team
>
> I am certainly interested and willing to contribute. We need some
> consensus on whether PSKs can be shared with more than 2 parties,
> whether the parties can switch roles, etc.
>
> EMU is going to work on EAP-TLS-PSK and the question of
> privacy/identities will pop-up there too.
>
> --Mohit
>
> On 1/21/20 7:33 AM, Colm MacCárthaigh wrote:
>> Interested, as it happens - this is something I've been working on at Amazon.
>>
>> On Mon, Jan 20, 2020 at 8:01 PM Sean Turner <sean@sn3rd.com<mailto:sean@sn3rd.com>> wrote:
>>> At IETF 106, we discussed forming a design team to focus on external PSK management and usage for TLS. The goal of this team would be to produce a document that discusses considerations for using external PSKs, privacy concerns (and possible mitigations) for stable identities, and more developed mitigations for deployment problems such as Selfie. If you have an interest in participating on this design team, please reply to this message and state so by 2359 UTC 31 January 2020.
>>>
>>> Cheers,
>>>
>>> Joe and Sean
>>> _______________________________________________
>>> TLS mailing list
>>> TLS@ietf.org<mailto:TLS@ietf.org>
>>> https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ietf.org%2Fmailman%2Flistinfo%2Ftls&amp;data=02%7C01%7Cbjoern.haase%40endress.com%7C5af7f9dcd2f746b6638a08d79e56a7dc%7C52daf2a93b734da4ac6a3f81adc92b7e%7C1%7C0%7C637151967330246544&amp;sdata=xtt%2F1mxS0XbrTQ8mExdzUP%2F%2BHSJKrXANsVqsX%2F4sUZA%3D&amp;reserved=0<https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ietf.org%2Fmailman%2Flistinfo%2Ftls&data=02%7C01%7Cbjoern.haase%40endress.com%7C85118d6ee98248a1f7f308d79e819bea%7C52daf2a93b734da4ac6a3f81adc92b7e%7C1%7C0%7C637152151820406718&sdata=YZD9dtDQ%2BTKDwYY6%2BH2N0TR6Vuy2rOP5w%2Bc9GlZeiEQ%3D&reserved=0>
>>
> _______________________________________________
> TLS mailing list
> TLS@ietf.org<mailto:TLS@ietf.org>
> https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ietf.org%2Fmailman%2Flistinfo%2Ftls&amp;data=02%7C01%7Cbjoern.haase%40endress.com%7C5af7f9dcd2f746b6638a08d79e56a7dc%7C52daf2a93b734da4ac6a3f81adc92b7e%7C1%7C0%7C637151967330246544&amp;sdata=xtt%2F1mxS0XbrTQ8mExdzUP%2F%2BHSJKrXANsVqsX%2F4sUZA%3D&amp;reserved=0<https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ietf.org%2Fmailman%2Flistinfo%2Ftls&data=02%7C01%7Cbjoern.haase%40endress.com%7C85118d6ee98248a1f7f308d79e819bea%7C52daf2a93b734da4ac6a3f81adc92b7e%7C1%7C0%7C637152151820416710&sdata=JgkfQSciHLPw9cKMrAE4O0N1RgZFvuU%2FxWVCMvvLzVk%3D&reserved=0>
_______________________________________________
TLS mailing list
TLS@ietf.org<mailto:TLS@ietf.org>
https://www.ietf.org/mailman/listinfo/tls<https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ietf.org%2Fmailman%2Flistinfo%2Ftls&data=02%7C01%7Cbjoern.haase%40endress.com%7C85118d6ee98248a1f7f308d79e819bea%7C52daf2a93b734da4ac6a3f81adc92b7e%7C1%7C0%7C637152151820416710&sdata=JgkfQSciHLPw9cKMrAE4O0N1RgZFvuU%2FxWVCMvvLzVk%3D&reserved=0>
_______________________________________________
TLS mailing list
TLS@ietf.org<mailto:TLS@ietf.org>
https://www.ietf.org/mailman/listinfo/tls<https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ietf.org%2Fmailman%2Flistinfo%2Ftls&data=02%7C01%7Cbjoern.haase%40endress.com%7C85118d6ee98248a1f7f308d79e819bea%7C52daf2a93b734da4ac6a3f81adc92b7e%7C1%7C0%7C637152151820426704&sdata=4uReDGxQ8N27JI%2BKN8%2FXuRWBj9ar7zoIV65V6X9R7KY%3D&reserved=0>