Hi,

A working solution for TLS 1.0, 1.1, 1.2, DTLS 1.0, 1.2 is to encrypt the client certificate with an extra key computed from the master secret.

See https://tools.ietf.org/html/draft-urien-badra-eap-tls-identity-protection-01

Rgs
Pascal

2015-08-24 22:56 UTC+02:00, Viktor S. Wold Eide <viktor.s.wold.e...@gmail.com>:
> Hi,
>
> I am looking for a way to achieve identity hiding for DTLS 1.2, which also
> hopefully can be used in (D)TLS 1.3, when available.
>
> From what I understand, for (D)TLS 1.2 it would be possible to perform an
> anonymous unencrypted handshake and then to renegotiate the connection with
> authentication within the encrypted channel, e.g., according to the expired
> draft [1]. From the latest TLS 1.3 draft [2] it appears that renegotiation
> will be removed in the upcoming 1.3 version.
>
> What is likely to be the recommended way to achieve identity hiding for
> (D)TLS 1.3, if any?
>
> [1] Transport Layer Security (TLS) Encrypted Handshake Extension,
> draft-ray-tls-encrypted-handshake-00, expired in 2012
> [2] The Transport Layer Security (TLS) Protocol Version 1.3,
> draft-ietf-tls-tls13-07
>
> Best regards
> Viktor S. Wold Eide
>
_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
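The mechanism Pascal describes, as an added illustration that is not from the draft or from any TLS implementation: both peers run the TLS 1.2 PRF (RFC 5246, section 5) over the master secret with a label distinct from the usual "key expansion" to obtain an extra key, and the client certificate is protected under that key so a passive observer of the handshake cannot read it. The label string and the keystream-plus-HMAC stand-in for the record-layer cipher are assumptions of this example, not the draft's specification.

```python
"""TLS 1.2 PRF used to derive an extra certificate-protection key from the
master secret.  Constructed example; label and cipher are assumptions."""
import hmac
import hashlib

def p_hash(secret: bytes, seed: bytes, length: int) -> bytes:
    """P_SHA256 from RFC 5246: A(i) = HMAC(secret, A(i-1)), A(0) = seed."""
    out, a = b"", seed
    while len(out) < length:
        a = hmac.new(secret, a, hashlib.sha256).digest()
        out += hmac.new(secret, a + seed, hashlib.sha256).digest()
    return out[:length]

def prf(secret: bytes, label: bytes, seed: bytes, length: int) -> bytes:
    """PRF(secret, label, seed) = P_SHA256(secret, label + seed)."""
    return p_hash(secret, label + seed, length)

# Constructed handshake values (48-byte master secret, 32-byte randoms),
# not taken from any real session.
MASTER_SECRET = hashlib.sha256(b"constructed master secret").digest() + b"\0" * 16
CLIENT_RANDOM = b"\x11" * 32
SERVER_RANDOM = b"\x22" * 32

def key_block(master_secret, client_random, server_random, length=32):
    """The standard key expansion (RFC 5246 6.3), for comparison only."""
    return prf(master_secret, b"key expansion", server_random + client_random, length)

def certificate_protection_key(master_secret, client_random, server_random):
    # Hypothetical label: any label other than the standard ones yields an
    # extra key that is independent of the record-layer key block.
    return prf(master_secret, b"client certificate protection",
               server_random + client_random, 32)

def protect(key: bytes, certificate: bytes) -> bytes:
    """Stand-in for an AEAD: one-shot PRF keystream XOR, then HMAC tag."""
    ks = p_hash(key, b"stream", len(certificate))
    ct = bytes(p ^ k for p, k in zip(certificate, ks))
    return ct + hmac.new(key, ct, hashlib.sha256).digest()

def unprotect(key: bytes, blob: bytes) -> bytes:
    """Verify the tag in constant time before decrypting; reject tampering."""
    ct, tag = blob[:-32], blob[-32:]
    if not hmac.compare_digest(hmac.new(key, ct, hashlib.sha256).digest(), tag):
        raise ValueError("certificate blob failed authentication")
    ks = p_hash(key, b"stream", len(ct))
    return bytes(c ^ k for c, k in zip(ct, ks))
```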