ietf
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Protocol Action: 'Pre-Shared Key Ciphersuites for Transport Layer Security (TLS)' to Proposed Standard

2005-06-27 08:02:54
from [Francis Dupont] [Permanent Link] 
 In your previous mail you wrote:

   The IESG has approved the following document:
   
   - 'Pre-Shared Key Ciphersuites for Transport Layer Security (TLS) '
      <draft-ietf-tls-psk-09.txt> as a Proposed Standard
   
=> this document seems to go in the wrong way: pre-shared secrets
are known to be weaker than certificates and TLS has already many
problems with its misuses (for instance no client verification or
poor server certificate validation).
 I remember a similar discussion about IKEv2 but in this case pre-shared
secrets were kept for compatibility... I can't see why no argument
against pre-shared secrets applies for the TLS case. Perhaps a security area
director can help me? BTW, I don't buy the "limited CPU power" argument
without real world examples.

Regards

Francis(_dot_)Dupont(_at_)enst-bretagne(_dot_)fr

_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: IANA Action: Assignment of an IPV6 Hop-by-hop Option, Brian E Carpenter
Next by Date:  Re: IANA Action: Assignment of an IPV6 Hop-by-hop Option, Brian E Carpenter
Previous by Thread:  Real or fraud?... FW: About your registration at IETF event, Rod . Walsh
Next by Thread:  Re: Protocol Action: 'Pre-Shared Key Ciphersuites for Transport Layer Security (TLS)' to Proposed Standard, Paul Hoffman
Indexes:  [Date] [Thread] [Top] [All Lists]