I have been looking at the minimal requirements for pervasive crypto. I like TLS everywhere with strong authentication. The idea of weakening the authentication requirements further and calling the result TLS worries me a lot.
The other problem with TLS everywhere is that it changes the communication model of HTTP. Proxies no longer work for a start. Data can't be cached. Which has me thinking about extending my session continuation proposal to add in an ephemeral DH exchange and content encryption options to provide a very lightweight message layer security scheme. The idea is that MLS could be used with or without authentication and this would be understood from the start. High security applications would eventually use TLS+MLS as a matter of course and authenticate at both levels. MLS is a better place to put in client authentication. In a scaled system I almost always want to terminate my TLS tunnel before the actual Web Service. Stephen F. suggests that I should look to WebCrypto as a basis. Which seems OK, though I might have a different approach to key packaging. Crypto libraries seem to expect keys to be packaged up in BASE64 encoded ASN.1. Is anyone interested in reading/reviewing drafts? Looking to shoot for an experimental at this stage. The objective would be to get to a point where all Web content can be encrypted including very large chunks of static data like video. This would essentially recapitulate the work done on SHTTP and Shen back in the early 90s so there is little IPR risk. -- Website: http://hallambaker.com/
_______________________________________________ perpass mailing list [email protected] https://www.ietf.org/mailman/listinfo/perpass
