I would let CFRG deal with the PAKE selection process: 
https://mailarchive.ietf.org/arch/msg/cfrg/-a1sW3jK_5avmb98zmFbCNLmpAs 
and not have this design team spend time and energy on designing PAKEs.

--Mohit

On 1/21/20 11:52 AM, Björn Haase wrote:
> Hello to all,
>
> I am also willing to contribute. My concern is that I observe that in some 
> industrial control applications, PSK mechanisms (that actually require 
> high-entropy keys) are (mis)-used in conjunction with TLS, where the PSK is 
> actually of insufficient entropy (maybe derived only from a 4-digit PIN).
>
> In order to fix this issue, I'd really appreciate having a PSK-style TLS 
> operation using a balanced PAKE (note that this could be implemented with 
> virtually no computational overhead in comparison to conventional ECDH 
> session key generation).
>
> Yours,
>
> Björn.
>
> Best Regards
>
> Dr. Björn Haase
>
> Senior Expert Electronics | TGREH Electronics Hardware
> Endress+Hauser Conducta GmbH+Co.KG | Dieselstrasse 24 | 70839 Gerlingen | 
> Germany
> Phone: +49 7156 209 377 | Fax: +49 7156 209 221
> bjoern.ha...@endress.com |  www.conducta.endress.com
>
> -----Original Message-----
> From: TLS <tls-boun...@ietf.org> On Behalf Of Mohit Sethi M
> Sent: Tuesday, 21 January 2020 10:45
> To: Colm MacCárthaigh <c...@allcosts.net>; Sean Turner <s...@sn3rd.com>
> Cc: TLS List <tls@ietf.org>
> Subject: Re: [TLS] External PSK design team
>
> I am certainly interested and willing to contribute. We need some
> consensus on whether PSKs can be shared with more than 2 parties,
> whether the parties can switch roles, etc.
>
> EMU is going to work on EAP-TLS-PSK and the question of
> privacy/identities will pop up there too.
>
> --Mohit
>
> On 1/21/20 7:33 AM, Colm MacCárthaigh wrote:
>> Interested, as it happens - this is something I've been working on at Amazon.
>>
>> On Mon, Jan 20, 2020 at 8:01 PM Sean Turner <s...@sn3rd.com> wrote:
>>> At IETF 106, we discussed forming a design team to focus on external PSK 
>>> management and usage for TLS. The goal of this team would be to produce a 
>>> document that discusses considerations for using external PSKs, privacy 
>>> concerns (and possible mitigations) for stable identities, and more 
>>> developed mitigations for deployment problems such as Selfie. If you have 
>>> an interest in participating on this design team, please reply to this 
>>> message and state so by 2359 UTC 31 January 2020.
>>>
>>> Cheers,
>>>
>>> Joe and Sean
>>> _______________________________________________
>>> TLS mailing list
>>> TLS@ietf.org
>>> https://www.ietf.org/mailman/listinfo/tls
>>