I think there are two very different scenarios where an identity needs to be associated with an external PSK, that is a PSK that is not produced by a previous handshake. This draft only addresses one of them, and I would rather see a way forward that considers both.
This draft considers the scenario where the PSK is used to avoid the use of (EC)DHE altogether. The other scenario is where the PSK is combined with the (EC)DHE shared secret as protection against a quantum computer. In this case the identity associated with the PSK must be compatible with the identity in the certificate. We have not had any discussion about the meaning of compatible in this context. I believe the TLS WG wants to wrap up the core TLS 1.3 specification before delving into that topic. For that reason, I think that the topic of this draft must also wait until the core TLS 1.3 specification is in the hands of the IESG. Russ From: internet-dra...@ietf.org [mailto:internet-dra...@ietf.org] Sent: 17 December 2016 04:11 To: Raja ashok; Raja ashok; Jayaraghavendran Kuppannan Subject: New Version Notification for draft-jay-tls-psk-identity-extension-02.txt A new version of I-D, draft-jay-tls-psk-identity-extension-02.txt has been successfully submitted by Raja Ashok V K and posted to the IETF repository. Name: draft-jay-tls-psk-identity-extension Revision: 02 Title: TLS/DTLS PSK Identity Extension Document date: 2016-12-15 Group: Individual Submission Pages: 10 URL: https://www.ietf.org/internet-drafts/draft-jay-tls-psk-identity-extension-02.txt Status: https://datatracker.ietf.org/doc/draft-jay-tls-psk-identity-extension/ Htmlized: https://tools.ietf.org/html/draft-jay-tls-psk-identity-extension-02 Diff: https://www.ietf.org/rfcdiff?url2=draft-jay-tls-psk-identity-extension-02 Abstract: Pre-Shared Key (PSK) based Key Exchange Mechanism is primarily used in constrained environments where resource intensive Asymmetric Cryptography cannot be used. In the Internet of Things (IoT) deployments, constrained devices are commonly used for collecting data via sensors for use in home automation, smart energy etc. In this context, DTLS is being considered as the primary protocol for communication security at the application layer and in some cases, it is also being considered for network access authentication. This document provides a specification for a new extension for Optimizing DTLS and TLS Handshake when the Pre-Shared Key (PSK) based Key Exchange is used. This extension is aimed at reducing the number of messages exchanged and the RTT of the TLS & DTLS Handshakes. Hi, I am submitting my 3rd version of our draft(draft-jay-tls-psk-identity-extension) in TLS working group. Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org. The IETF Secretariat
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
