Re: [TLS] draft-ietf-tls-tls13-26 is vulnerable to externally set PSK identity enumeration

On Thursday, 15 March 2018 22:51:49 CET Benjamin Kaduk wrote: > On Thu, Mar 15, 2018 at 12:25:38PM +0100, Hubert Kario wrote: > > On Wednesday, 14 March 2018 21:13:29 CET Benjamin Kaduk wrote: > > > On Wed, Mar 14, 2018 at 12:46:25PM +0100, Hubert Kario wrote: > > > > On Wednesday, 14 March 2018 03

[TLS] Secdir last call review of draft-ietf-tls-iana-registry-updates-04

Reviewer: Stefan Santesson Review result: Ready The document handles IANA registration of identifiers. Aspects and properties identified by these identifiers are relevant for security, but for the most part that is outside the scope of this document that deals only with registration. The provided

Re: [TLS] draft-ietf-tls-tls13-26 is vulnerable to externally set PSK identity enumeration

On 3/15/2018 5:51 PM, Benjamin Kaduk wrote: > On Thu, Mar 15, 2018 at 12:25:38PM +0100, Hubert Kario wrote: > ... >> we do not have a reliable mechanism of differentiating between external and >> resumption PSKs while parsing Client Hello > Well, a valid external PSK (identity) the server will o

[TLS] Additional changes for draft-ietf-tls-iana-registry-updates

During Adam Roach’s AD review of draft-ietf-tls-tls13, he noted something about the HashAlgorithm and that made me go look at what was said in draft-ietf-tls-iana-registry-updates. Turns out that 4492bis assigned some values draft-ietf-tls-iana-registry-updates was marking as reserved. I have

[TLS] Fwd: New Version Notification for draft-tiloca-tls-dos-handshake-02.txt

Hi all, We have recently submitted an updated version of the draft based on comments at IETF100. Also, a proof-of-concept implementation for DTLS 1.2 in Californium/Scandium is available at [1]. Best, /Marco [1] https://bitbucket.org/sicssec/dos_dtls Forwarded Message Subjec

[TLS] Tickets after key update/post handshake auth

What is reasonable behaviour for a client to do with any tickets it has previously received following a key update or a post-handshake authentication? Should those old tickets be now considered out-of-date and not used? Matt ___ TLS mailing list TLS@iet

Re: [TLS] Tickets after key update/post handshake auth

On Fri, Mar 16, 2018 at 4:19 PM, Matt Caswell wrote: > What is reasonable behaviour for a client to do with any tickets it has > previously received following a key update or a post-handshake > authentication? Should those old tickets be now considered out-of-date > and not used? > There is no g

Re: [TLS] Tickets after key update/post handshake auth

On Friday, 16 March 2018 17:19:49 CET Matt Caswell wrote: > What is reasonable behaviour for a client to do with any tickets it has > previously received following a key update or a post-handshake > authentication? Should those old tickets be now considered out-of-date > and not used? as far as I

Re: [TLS] Tickets after key update/post handshake auth

That's only because there is some chance that the ticket binds in more contextual information. In practice, this might also happen as a result of application-layer changes. At the TLS layer, it's hard to know exactly why the new ticket was issued. If it was just adding another ticket to the pile

Re: [TLS] draft-ietf-tls-tls13-26 is vulnerable to externally set PSK identity enumeration

On Fri, Mar 16, 2018 at 09:11:32AM -0400, Christian Huitema wrote: > > > On 3/15/2018 5:51 PM, Benjamin Kaduk wrote: > > On Thu, Mar 15, 2018 at 12:25:38PM +0100, Hubert Kario wrote: > > ... > >> we do not have a reliable mechanism of differentiating between external > >> and > >> resumption PS

Re: [TLS] Additional changes for draft-ietf-tls-iana-registry-updates

On Fri, Mar 16, 2018 at 02:01:48PM +, Sean Turner wrote: > During Adam Roach’s AD review of draft-ietf-tls-tls13, he noted something > about the HashAlgorithm and that made me go look at what was said in > draft-ietf-tls-iana-registry-updates. Turns out that 4492bis assigned some > values d