On Sep 19, 2019, at 2:27 AM, Jim Schaad <i...@augustcellars.com> wrote:
> I am going to come down on the side of no PSK should not be supported.
> However my issues have nothing to do with how things are implemented and
> more to do with the security properties of the EAP method.

  I'm leaning that way myself.  I'm not opposed in principle, but it looks like 
other options have better properties.

> When you use certificates, there is no leakage of who the client is as this
> is encrypted by TLS.  When you use a restore session ticket, it is possible
> to limit the number of times that the ticket can be used (for example once).
> The PSK identity is public and unprotected so it can be used to track.  If
> one is using PSK for the purpose of authentication then that value will
> always be visible to intermediate parties for the purpose of tracking.
> This can be slightly mitigated by using restore session tickets with PSK,
> but you are going to send that PSK identifier over the wire many times.

  i.e. the only secure way to use PSK is one-time authentication, as per Owen's 
IoT use-case.

  If we do allow it, there's just no question that people will abuse it.  That 
for me is a strong reason to forbid it.

  Alan DeKok.

Emu mailing list

Reply via email to