Re: [TLS] Fwd: I-D ACTION:draft-rescorla-tls-extractor-00.txt
<home_pw@msn.com> Wed, 17 January 2007 14:50 UTC
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1H7C7Y-0006nN-Uz; Wed, 17 Jan 2007 09:50:36 -0500
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1H7C7Y-0006nI-9a for tls@ietf.org; Wed, 17 Jan 2007 09:50:36 -0500
Received: from bay0-omc1-s35.bay0.hotmail.com ([65.54.246.107]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1H7C7T-0006Xh-NA for tls@ietf.org; Wed, 17 Jan 2007 09:50:36 -0500
Received: from hotmail.com ([65.55.131.21]) by bay0-omc1-s35.bay0.hotmail.com with Microsoft SMTPSVC(6.0.3790.2668); Wed, 17 Jan 2007 06:50:31 -0800
Received: from mail pickup service by hotmail.com with Microsoft SMTPSVC; Wed, 17 Jan 2007 06:50:30 -0800
Message-ID: <BAY126-DAV11685BC1410AB847C785EA92AB0@phx.gbl>
Received: from 70.142.20.165 by BAY126-DAV11.phx.gbl with DAV; Wed, 17 Jan 2007 14:50:25 +0000
X-Originating-IP: [70.142.20.165]
X-Originating-Email: [home_pw@msn.com]
X-Sender: home_pw@msn.com
From: home_pw@msn.com
To: Badra <mbadra@gmail.com>, tls@ietf.org
References: <E1H6YmI-0002f5-6B@stiedprstage1.ietf.org> <c24c21d80701160732j3a1953c3qc6b718bcdedb8203@mail.gmail.com>
Subject: Re: [TLS] Fwd: I-D ACTION:draft-rescorla-tls-extractor-00.txt
Date: Wed, 17 Jan 2007 06:50:25 -0800
MIME-Version: 1.0
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Windows Live Mail desktop 8.0.1223
X-MimeOLE: Produced By Microsoft MimeOLE V8.0.1223
X-OriginalArrivalTime: 17 Jan 2007 14:50:30.0848 (UTC) FILETIME=[D5906400:01C73A46]
X-Spam-Score: 0.7 (/)
X-Scan-Signature: 8f374d0786b25a451ef87d82c076f593
Cc:
X-BeenThere: tls@lists.ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.lists.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@lists.ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/tls>
List-Post: <mailto:tls@lists.ietf.org>
List-Help: <mailto:tls-request@lists.ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@lists.ietf.org?subject=subscribe>
Content-Type: multipart/mixed; boundary="===============1023053431=="
Errors-To: tls-bounces@lists.ietf.org
A number of protocols wish to leverage Transport Layer Security (TLS) to perform key establishment but then use some of the keying material for their own purposes. This document describes a general mechanism for allowing that. A URL for this Internet-Draft is: http://www.ietf.org/internet-drafts/draft-rescorla-tls-extractor-00.txt I think this is ok, in principle. This was always done. Its been done already, as shown now in the EAP-TLS I-D, for years. This and AEAP suggests a fair amount is being driven from IEEE WGs ( which are closed forums). One should assume a fully finished spec will eventually arrive, much like TLS Evidence, and be presented as a "new workitem" request to IETF, with a quick last call etc. I don't see anything particularly wrong with that, tho. I do believe it does make sense in this era for TLS to a) parameterize the final KDF algorithm (the PRF function itself) b) parameterize the generation of the key block, much as used to be done based on the export flag for the ciphersuite, or the fortezza_dms SSLv3 ciphersuite. As Ive always said - to some ugly barracking from a former IAB member once when discussing SSLVPNs and TLS - SSL transport is not limited to TCP. It is not limited to any notion associated with TCP (half closes, SYN cookies, RR timestamping, 3168 signaling...), tho Ive seen value-added SSL engines that exploit these features. There are lots of (good) uses, in my opinion. and of course the omnipresent abuse potential. Adding the handshake to help with generating keying material for the cores in internet multicast group management is appropriate. Its nice to see this area get worked on, again. (I think this area can do a lot better for voip than the ENUM direction based on DNS resolvers, and really exploit what the IP can REALLY do, when one lets rip.) The work may well interfere with practices already in place for https 80 udp, but they are hardly mainstream. I used to apply the ChangeCipherSpec class of messages (defining my own) to "alter" the copying of keying material from the pending to active state, according to the custom semantics of my scheme. These days, its trivial to define an extension negotiation to agree to that new class of message support, of course. Need to careful of IP issues, here.
_______________________________________________ TLS mailing list TLS@lists.ietf.org https://www1.ietf.org/mailman/listinfo/tls