On Tuesday, 20 March 2018 22:21:06 CET Eric Rescorla wrote:
> On Tue, Mar 20, 2018 at 7:42 PM, Hubert Kario wrote:
> > On Monday, 19 March 2018 14:38:05 CET Eric Rescorla wrote:
> > > On Mon, Mar 19, 2018 at 1:33 PM, Nikos Mavrogiannopoulos <
> >
> > n...@redhat.com>
> >
> > > wrote:
> > > > On
The document has been approved for publication and the outstanding
reference will be added in the RFC editor process during Auth48.
Thank you all for your work on this protocol.
Best regards,
Kathleen
On Tue, Mar 20, 2018 at 5:21 PM, Eric Rescorla wrote:
>
>
> On Tue, Mar 20, 2018 at 7:42 PM, H
On Tue, Mar 20, 2018 at 7:42 PM, Hubert Kario wrote:
> On Monday, 19 March 2018 14:38:05 CET Eric Rescorla wrote:
> > On Mon, Mar 19, 2018 at 1:33 PM, Nikos Mavrogiannopoulos <
> n...@redhat.com>
> >
> > wrote:
> > > On Fri, 2018-03-16 at 14:45 -0500, Benjamin Kaduk wrote:
> > > > On Fri, Mar 16,
On Monday, 19 March 2018 14:38:05 CET Eric Rescorla wrote:
> On Mon, Mar 19, 2018 at 1:33 PM, Nikos Mavrogiannopoulos
>
> wrote:
> > On Fri, 2018-03-16 at 14:45 -0500, Benjamin Kaduk wrote:
> > > On Fri, Mar 16, 2018 at 09:11:32AM -0400, Christian Huitema wrote:
> > > > On 3/15/2018 5:51 PM, Benj
> On Mar 20, 2018, at 12:52, Hubert Kario wrote:
>
> On Monday, 19 March 2018 23:53:16 CET Benjamin Kaduk wrote:
>> On Mon, Mar 19, 2018 at 05:00:51PM +0100, Hubert Kario wrote:
>>> On Sunday, 18 March 2018 16:27:34 CET Eric Rescorla wrote:
After discussion with the chairs and the AD, I hav
On Monday, 19 March 2018 23:53:16 CET Benjamin Kaduk wrote:
> On Mon, Mar 19, 2018 at 05:00:51PM +0100, Hubert Kario wrote:
> > On Sunday, 18 March 2018 16:27:34 CET Eric Rescorla wrote:
> > > After discussion with the chairs and the AD, I have opted to just add a
> > > section
> > > that explains
On Mon, Mar 19, 2018 at 02:33:52PM +0100, Nikos Mavrogiannopoulos wrote:
> On Fri, 2018-03-16 at 14:45 -0500, Benjamin Kaduk wrote:
> > On Fri, Mar 16, 2018 at 09:11:32AM -0400, Christian Huitema wrote:
> > >
> >
> > > If you want to use PSK with some level of privacy, you might adopt
> > > a
> >
On Mon, Mar 19, 2018 at 05:00:51PM +0100, Hubert Kario wrote:
> On Sunday, 18 March 2018 16:27:34 CET Eric Rescorla wrote:
> > After discussion with the chairs and the AD, I have opted to just add a
> > section
> > that explains the attack. I just merged that (but managed not to get it
> > into -27
On Sunday, 18 March 2018 16:27:34 CET Eric Rescorla wrote:
> After discussion with the chairs and the AD, I have opted to just add a
> section
> that explains the attack. I just merged that (but managed not to get it
> into -27
> due to fumble fingering).
If there is no consensus on the recommende
On Mon, Mar 19, 2018 at 1:33 PM, Nikos Mavrogiannopoulos
wrote:
> On Fri, 2018-03-16 at 14:45 -0500, Benjamin Kaduk wrote:
> > On Fri, Mar 16, 2018 at 09:11:32AM -0400, Christian Huitema wrote:
> > >
> > >
> > > On 3/15/2018 5:51 PM, Benjamin Kaduk wrote:
> > > > On Thu, Mar 15, 2018 at 12:25:38P
On Fri, 2018-03-16 at 14:45 -0500, Benjamin Kaduk wrote:
> On Fri, Mar 16, 2018 at 09:11:32AM -0400, Christian Huitema wrote:
> >
> >
> > On 3/15/2018 5:51 PM, Benjamin Kaduk wrote:
> > > On Thu, Mar 15, 2018 at 12:25:38PM +0100, Hubert Kario wrote:
> > > ...
> > > > we do not have a reliable mec
On Mon, Mar 19, 2018 at 6:38 AM, Daniel Kahn Gillmor
wrote:
> On Sun 2018-03-18 12:08:13 -0400, Viktor Dukhovni wrote:
>
>> The devices that might use external PSKs will likely be unavoidably
>> fingerprinted by source IP address and the target mothership.
>
> I'm not convinced that this is the ca
On Sun 2018-03-18 12:08:13 -0400, Viktor Dukhovni wrote:
> The devices that might use external PSKs will likely be unavoidably
> fingerprinted by source IP address and the target mothership.
I'm not convinced that this is the case -- it's not at all clear that
IoT devices will be attached to a st
On Sun, Mar 18, 2018 at 03:24:02PM +, Lanlan Pan wrote:
> Benjamin Kaduk 于2018年3月14日周三 上午10:02写道:
>
> > It seems like we get ourselves in trouble by allowing multiple
> > external PSKs to be present. If we allowed at most one external
> > PSK in a given ClientHello, then aborting the handshak
> On Mar 18, 2018, at 11:27 AM, Eric Rescorla wrote:
>
> After discussion with the chairs and the AD, I have opted to just add a
> section
> that explains the attack. I just merged that (but managed not to get it into
> -27
> due to fumble fingering).
It seems to me that privacy consideratio
After discussion with the chairs and the AD, I have opted to just add a
section
that explains the attack. I just merged that (but managed not to get it
into -27
due to fumble fingering).
-Ekr
On Mon, Mar 12, 2018 at 8:27 AM, Hubert Kario wrote:
> When the server supports externally set PSKs th
Benjamin Kaduk 于2018年3月14日周三 上午10:02写道:
> It seems like we get ourselves in trouble by allowing multiple
> external PSKs to be present. If we allowed at most one external
> PSK in a given ClientHello, then aborting the handshake on binder
> failure would be the correct choice, as discovering a va
On Fri, Mar 16, 2018 at 09:11:32AM -0400, Christian Huitema wrote:
>
>
> On 3/15/2018 5:51 PM, Benjamin Kaduk wrote:
> > On Thu, Mar 15, 2018 at 12:25:38PM +0100, Hubert Kario wrote:
> > ...
> >> we do not have a reliable mechanism of differentiating between external
> >> and
> >> resumption PS
On 3/15/2018 5:51 PM, Benjamin Kaduk wrote:
> On Thu, Mar 15, 2018 at 12:25:38PM +0100, Hubert Kario wrote:
> ...
>> we do not have a reliable mechanism of differentiating between external and
>> resumption PSKs while parsing Client Hello
> Well, a valid external PSK (identity) the server will o
On Thursday, 15 March 2018 22:51:49 CET Benjamin Kaduk wrote:
> On Thu, Mar 15, 2018 at 12:25:38PM +0100, Hubert Kario wrote:
> > On Wednesday, 14 March 2018 21:13:29 CET Benjamin Kaduk wrote:
> > > On Wed, Mar 14, 2018 at 12:46:25PM +0100, Hubert Kario wrote:
> > > > On Wednesday, 14 March 2018 03
On Thu, Mar 15, 2018 at 12:25:38PM +0100, Hubert Kario wrote:
> On Wednesday, 14 March 2018 21:13:29 CET Benjamin Kaduk wrote:
> > On Wed, Mar 14, 2018 at 12:46:25PM +0100, Hubert Kario wrote:
> > > On Wednesday, 14 March 2018 03:02:10 CET Benjamin Kaduk wrote:
> > > > It seems like we get ourselve
On Wednesday, 14 March 2018 21:13:29 CET Benjamin Kaduk wrote:
> On Wed, Mar 14, 2018 at 12:46:25PM +0100, Hubert Kario wrote:
> > On Wednesday, 14 March 2018 03:02:10 CET Benjamin Kaduk wrote:
> > > It seems like we get ourselves in trouble by allowing multiple
> > > external PSKs to be present.
On Wed, Mar 14, 2018 at 12:46:25PM +0100, Hubert Kario wrote:
> On Wednesday, 14 March 2018 03:02:10 CET Benjamin Kaduk wrote:
> > It seems like we get ourselves in trouble by allowing multiple
> > external PSKs to be present. If we allowed at most one external
> > PSK in a given ClientHello, then
On Wednesday, 14 March 2018 03:02:10 CET Benjamin Kaduk wrote:
> It seems like we get ourselves in trouble by allowing multiple
> external PSKs to be present. If we allowed at most one external
> PSK in a given ClientHello, then aborting the handshake on binder
> failure would be the correct choic
It seems like we get ourselves in trouble by allowing multiple
external PSKs to be present. If we allowed at most one external
PSK in a given ClientHello, then aborting the handshake on binder
failure would be the correct choice, as discovering a valid identity
would require discovering a valid ke
On Tuesday, 13 March 2018 16:18:48 CET Ilari Liusvaara wrote:
> On Mon, Mar 12, 2018 at 04:27:46PM +0100, Hubert Kario wrote:
> > When the server supports externally set PSKs that use human readable
> > identities (or, in general, guessable identities), the current text makes
> > it trivial to perf
On Mon, Mar 12, 2018 at 04:27:46PM +0100, Hubert Kario wrote:
> When the server supports externally set PSKs that use human readable
> identities (or, in general, guessable identities), the current text makes it
> trivial to perform enumeration attack.
What would be impact of such enumeration at
27 matches
Mail list logo
