On Thu, Feb 25, 2016 at 11:33 PM, Dan Harkins <[email protected]> wrote: > > Hi, > > On Wed, February 24, 2016 1:59 pm, Rick van Rein wrote: >> Hi, >> >>> Although the lack of modern cipher-suites for SRP makes it not very >>> attractive these days. >>> >> Does anyone know if work on something like "ECSRP" is going on, anywhere? >> >> We've recently worked on getting it working with PKCS #11, >> >> https://github.com/arpa2/srp-pkcs11 >> https://github.com/arpa2/srp-pkcs11/blob/rfc5054_compat/doc/design/srp-pkcs11.pdf >> >> It could be interesting to see if this translates to the Elliptic Curve >> arena. >> >> I heard rumours of alternatives being weighed against one another, but >> failed to find anything concrete. Links are quite welcome! > > Well there's TLS-PWD. Works just fine with ECC. Also provides > for protection of the client username from passive attack. > > https://tools.ietf.org/html/draft-ietf-tls-pwd-07
As well as my SPAKE2 draft, which can fit in TLS easily. The real problem here is that there is no reason not to use certificates in a lot of cases. > > Thanks for reminding me to update that draft :-) > > Dan. > >> -Rick >> >> _______________________________________________ >> TLS mailing list >> [email protected] >> https://www.ietf.org/mailman/listinfo/tls >> > > > _______________________________________________ > TLS mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/tls -- "Man is born free, but everywhere he is in chains". --Rousseau. _______________________________________________ TLS mailing list [email protected] https://www.ietf.org/mailman/listinfo/tls
