'Re: [TLS] Regarding the identity bidding issue when using raw public key with TLS'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       ietf-tls
Subject:    Re: [TLS] Regarding the identity bidding issue when using raw public key with TLS
From:       Wang Haiguang <wang.haiguang.shieldlab () huawei ! com>
Date:       2018-07-16 15:45:52
Message-ID: 0AE05CBFB1A6A0468C8581DAE58A31309E0BF8C5 () SINEML521-MBX ! china ! huawei ! com
[Download RAW message or body]

Dear Benjamin,

See my comments below.
________________________________________
From: Benjamin Kaduk [bkaduk@akamai.com]
Sent: Sunday, 15 July, 2018 11:26:25 AM
To: Wang Haiguang
Cc: <tls@ietf.org>
Subject: Re: [TLS] Regarding the identity bidding issue when using raw public key \
with TLS

On Sat, Jul 14, 2018 at 01:44:28AM +0000, Wang Haiguang wrote:
> Dear ilari,
> 
> Thanks very much for the reply :-）. Please see my comments inline below.
> 
> -----Original Message-----
> From: ilariliusvaara@welho.com [mailto:ilariliusvaara@welho.com]
> Sent: Thursday, July 12, 2018 8:17 PM
> To: Wang Haiguang <wang.haiguang.shieldlab@huawei.com>
> Cc: <tls@ietf.org> <tls@ietf.org>
> Subject: Re: [TLS] Regarding the identity bidding issue when using raw public key \
> with TLS 
> On Thu, Jul 12, 2018 at 09:30:40AM +0000, Wang Haiguang wrote:
> > Can anyone give us some comments regarding using IBC as raw public key
> > for TLS for massive IoT authentication?
> 
> I do not think there is any way currently to do that. The only defined signature \
> algorithms are ([*] means removed from TLS 1.3): 
> - RSA PKCS#1 v1.5[*]
> - DSA[*]
> - ECDSA
> - EdDSA2 (Ed25519 and Ed448)
> 
> These are also the only algorithms that can be used with raw public key \
> authentication. None of these is IBC algorithm.. 
> Also, the way the raw public keys work is the same in both TLS 1.2 and
> 1.3 (the precise messages are different, but it still works the same).
> 
> [HG-1] Yes. With TLS-1.3, IBC algorithm is not supported at the moment. So we hope \
> that we can develop a separate RFC based on 1.3 and support IBC for massive IoT \
> usage scenarios only? RFC 6507 specifies an IBC signature method based on ECC, it \
> is similar to ECDSA. We can start with that first.

Writing an internet-draft that specifies IBC signatures for TLS 1.3 is the
first step, but in principle such usage would not need to be limited to
"massive IoT usage scenarios only".

[HG-2] Yes. IBC can be used for other scenarios also. We are happy to extend the \
usage scenarios also. 

--Haiguang


[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic