[prev in list] [next in list] [prev in thread] [next in thread]
List: ietf-tls
Subject: [TLS] Re: ECDHE_PSK as WG item?
From: Simon Josefsson <simon () josefsson ! org>
Date: 2008-01-10 14:23:14
Message-ID: 87sl15pxnx.fsf () mocca ! josefsson ! org
[Download RAW message or body]
<Pasi.Eronen@nokia.com> writes:
> Mohammad Badra has requested that the TLS WG adopt
> draft-badra-ecdhe-tls-psk as a WG item. This draft was presented
> in Vancouver, but few comments have been received so far.
>
> Please use this thread to comment; not only the technical
> details, but whether you think this is useful; should it be
> done as WG item or individual document; and whether you're
> willing to work on this document.
While GnuTLS does not support ECDHE yet, which means we are not likely
to implement the document immediately, I believe the document solve a
clearly described problem and that it should be adopted by the WG. I'm
willing to review the document.
Some minor issues from a quick review:
* In the abstract RFC 4785 (PSK-NULL) and RFC 4279 (PSK) are mentioned
in that order, twice. I think it would be useful to mention them in
the reverse order.
* Section 2 contains:
"The PSK identity and identity hint fields have the same
meaning as in the previous section (note that the ServerKeyExchange
message is always sent, even if no PSK identity hint is provided)."
What does 'the previous section' refer to? I can't find any
discussions of PSK identity earlier in the document.
* The document could say explicitly that the PSK case in
ClientKeyExchange and ServerKeyExchange should not apply to PSK-ECDHE,
instead the ec_diffie_hellman_psk case should apply. I propose:
When the CipherSuites defined in this document are used, the
'ec_diffie_hellman_psk' case inside the ServerKeyExchange and
ClientKeyExchange structure is used, instead of the 'psk' case
defined in RFC 4279.
Thanks,
/Simon
_______________________________________________
TLS mailing list
TLS@lists.ietf.org
https://www1.ietf.org/mailman/listinfo/tls
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic