On Sat, Jul 14, 2018 at 01:44:28AM +0000, Wang Haiguang wrote:
> Dear ilari,
> 
> Thanks very much for the reply :-). Please see my comments inline below.
> 
> -----Original Message-----
> From: [email protected] [mailto:[email protected]]
> Sent: Thursday, July 12, 2018 8:17 PM
> To: Wang Haiguang <[email protected]>
> Cc: <[email protected]> <[email protected]>
> Subject: Re: [TLS] Regarding the identity bidding issue when using raw public 
> key with TLS
> 
> On Thu, Jul 12, 2018 at 09:30:40AM +0000, Wang Haiguang wrote:
> > Can anyone give us some comments regarding using IBC as raw public key
> > for TLS for massive IoT authentication?
> 
> I do not think there is any way currently to do that. The only defined 
> signature algorithms are ([*] means removed from TLS 1.3):
> 
> - RSA PKCS#1 v1.5[*]
> - DSA[*]
> - ECDSA
> - EdDSA2 (Ed25519 and Ed448)
> 
> These are also the only algorithms that can be used with raw public key 
> authentication. None of these is IBC algorithm..
> 
> Also, the way the raw public keys work is the same in both TLS 1.2 and
> 1.3 (the precise messages are different, but it still works the same).
> 
> [HG-1] Yes. With TLS-1.3, IBC algorithm is not supported at the moment. So we 
> hope that we can develop a separate RFC based on 1.3 and support IBC for 
> massive IoT usage scenarios only?
>  RFC 6507 specifies an IBC signature method based on ECC, it is similar to 
> ECDSA. We can start with that first.

Writing an internet-draft that specifies IBC signatures for TLS 1.3 is the
first step, but in principle such usage would not need to be limited to
"massive IoT usage scenarios only".

-Ben

_______________________________________________
TLS mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/tls

Reply via email to