One question that I have after reading it: I understand why one wants to implement this extension, but I don’t see how the two endpoints would arrive at that external PSK.
Sadly - we're back to the 1980's in terms of key management. The obvious answers are a) they meet to exchange keys, b) they're given a key through a KDC, c) they get them in the mail. (and I'm really not kidding about (c)) I don’t think I get it. There’s a ton of submissions at NIST PQC, most came with some formal proofs. I can’t believe none of them is good enough. Anything from that pool should be better than nothing…? Also, if you do have a running KDC, why would you want/need TLS 1.3 ECDHE in addition to it? Would such a pre-shared key be long-term (i.e., good/used for many connections), or is it going to be a use-once thing? From: TLS <tls-boun...@ietf.org> on behalf of Russ Housley <hous...@vigilsec.com> Date: Monday, May 20, 2019 at 3:21 PM To: Joe Salowey <j...@salowey.net> Cc: IETF TLS <tls@ietf.org> Subject: Re: [TLS] WGLC for draft-ietf-tls-tls13-cert-with-extern-psk TLS 1.3 Extension for Certificate-based Authentication with an External PSK ensures the US Government has a quantum-resistant option for TLS in the interim years until post-quantum algorithms emerge from the NIST process. For this reason, there is an intent to specify this extension in future procurements. Russ On May 15, 2019, at 9:20 AM, Joseph Salowey <j...@salowey.net> wrote: The last call has come and gone without any comment. Please indicate if you have reviewed the draft even if you do not have issues to raise so the chairs can see who has reviewed it. Also indicate if you have any plans to implement the draft. On Tue, Apr 9, 2019 at 8:51 PM Joseph Salowey <j...@salowey.net> wrote: This is the working group last call for the "TLS 1.3 Extension for Certificate-based Authentication with an External Pre-Shared Key” draft available at https://datatracker.ietf.org/doc/draft-ietf-tls-tls13-cert-with-extern-psk/. Please review the document and send your comments to the list by 2359 UTC on 23 April 2019. Thanks, Chris, Joe, and Sean _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls