Hi,

I recently produced an I-D for a TLS authentication method using pre-shared ECDH asymmetric keys, which I believe will be useful for constrained environments. IMHO the key benefits are:

- a breach of server security does not result in client impersonation (unlike PSK)
- a single EC algorithm is used (ECDH), though it is used several times
- static public keys are not exchanged, so protocol messages are smaller

I would like to know if people working with constrained devices agree with me that these are useful benefits and whether people feel that this is worth pursuing.

The draft is at https://datatracker.ietf.org/doc/draft-putman-tls-preshared-ecdh/

Thanks,
Tony

Dyson Technology Limited, company number 01959090, Tetbury Hill, Malmesbury, SN16 0RP, UK.
