combination of a shared secret between the Edge Server and the Key
> Server, associated to a sequence number address. There are probably other
> maybe better ways to do and feel free to propose alternatives.
>
>
>
>
>
> BR,
>
> Daniel
>
> *From:* Lurk [m
: Lurk [mailto:lurk-boun...@ietf.org] On Behalf Of Kyle Rose
Sent: Monday, July 18, 2016 11:23 AM
To: Eric Rescorla
Cc: LURK BoF
Subject: Re: [Lurk] Notes on preventing signing oracles
It's possible we can't do much to prevent creating a generic signing oracle for
TLS 1.2, but for 1.3 w
It's possible we can't do much to prevent creating a generic signing oracle
for TLS 1.2, but for 1.3 we can send precursors to the key owner and
require it to reproduce the final input to the signature algorithm,
constraining the adversary to signatures of messages of the form
(0x20){32}("TLS 1.3,