On 2017-12-06 15:41, Tony Putman wrote:

Hi,

I recently produced an I-D for a TLS authentication method using
pre-shared ECDH asymmetric keys, which I believe will be useful for
constrained environments. IMHO the key benefits are:

- a breach of server security does not result in client impersonation
  (unlike PSK)
- a single EC algorithm is used (ECDH), though it is used several times
- static public keys are not exchanged, so protocol messages are smaller

I would like to know if people working with constrained devices agree
with me that these are useful benefits and whether people feel that this
is worth pursuing.

The draft is at
https://datatracker.ietf.org/doc/draft-putman-tls-preshared-ecdh/

Thanks,
Tony

Hi Tony,

could you explain the differences between your draft and the (D)TLS
handshake with raw public keys (https://tools.ietf.org/html/rfc7250)?

/Ludwig
--
Ludwig Seitz, PhD
Security Lab, RISE SICS
Phone +46(0)70-349 92 51