Uri: As my note said, "... until post-quantum algorithms emerge from the NIST process."
Russ > On May 20, 2019, at 5:11 PM, Blumenthal, Uri - 0553 - MITLL <[email protected]> > wrote: > > One question that I have after reading it: I understand why one wants to > implement this extension, but I don’t see how the two endpoints would arrive > at that external PSK. > Sadly - we're back to the 1980's in terms of key management. The obvious > answers are a) they meet to exchange keys, b) they're given a key through a > KDC, c) they get them in the mail. (and I'm really not kidding about (c)) > > I don’t think I get it. There’s a ton of submissions at NIST PQC, most came > with some formal proofs. I can’t believe none of them is good enough. > Anything from that pool should be better than nothing…? > Also, if you do have a running KDC, why would you want/need TLS 1.3 ECDHE in > addition to it? > Would such a pre-shared key be long-term (i.e., good/used for many > connections), or is it going to be a use-once thing? > >> >> From: TLS <[email protected]> <mailto:[email protected]> on behalf of >> Russ Housley <[email protected]> <mailto:[email protected]> >> Date: Monday, May 20, 2019 at 3:21 PM >> To: Joe Salowey <[email protected]> <mailto:[email protected]> >> Cc: IETF TLS <[email protected]> <mailto:[email protected]> >> Subject: Re: [TLS] WGLC for draft-ietf-tls-tls13-cert-with-extern-psk >> >> TLS 1.3 Extension for Certificate-based Authentication with an External PSK >> ensures the US Government has a quantum-resistant option for TLS in the >> interim years until post-quantum algorithms emerge from the NIST process. >> For this reason, there is an intent to specify this extension in future >> procurements. >> >> Russ >> >> >> >> >>> On May 15, 2019, at 9:20 AM, Joseph Salowey <[email protected] >>> <mailto:[email protected]>> wrote: >>> >>> The last call has come and gone without any comment. Please indicate if >>> you have reviewed the draft even if you do not have issues to raise so the >>> chairs can see who has reviewed it. Also indicate if you have any plans to >>> implement the draft. >>> >>> On Tue, Apr 9, 2019 at 8:51 PM Joseph Salowey <[email protected] >>> <mailto:[email protected]>> wrote: >>>> This is the working group last call for the "TLS 1.3 Extension for >>>> Certificate-based Authentication with an External Pre-Shared Key” draft >>>> available at >>>> https://datatracker.ietf.org/doc/draft-ietf-tls-tls13-cert-with-extern-psk/ >>>> >>>> <https://datatracker.ietf.org/doc/draft-ietf-tls-tls13-cert-with-extern-psk/>. >>>> Please review the document and send your comments to the list by 2359 UTC >>>> on 23 April 2019. >>>> >>>> Thanks, >>>> Chris, Joe, and Sean >> >> >> >> >> >> >> _______________________________________________ >> TLS mailing list >> [email protected] <mailto:[email protected]> >> https://www.ietf.org/mailman/listinfo/tls >> <https://www.ietf.org/mailman/listinfo/tls> > > _______________________________________________ > TLS mailing list > [email protected] <mailto:[email protected]> > https://www.ietf.org/mailman/listinfo/tls > <https://www.ietf.org/mailman/listinfo/tls>
_______________________________________________ TLS mailing list [email protected] https://www.ietf.org/mailman/listinfo/tls
