Re: [TLS] Pre_shared_key Extension Question

Fri, 09 Sep 2016 08:16:48 -0700 

Hi Ekr,

thanks for the response.
The psk_identity_hint in RFC 4279 was sent from the server to the client and was a mechanism that was believed to be needed by the 3GPP in their bootstrapping architecture, which in the end was never widely used (as far as I know). So, not necessarily a super important features, as it seems.
As mentioned in my other mail regarding sending the ticket together with the long-term PSK identity could be addressed better by clarifying the server is intending to keep the ticket cached for the time indicated in ticket_lifetime (rather than saying the opposite which may lead implementers to care less).
Hence, I would mind if you delete the following two sentences in Section 4.5.1 "New Session Ticket Message": 

"
It MAY delete the ticket earlier based on local policy. A server MAY treat a ticket as valid for a shorter period of time than what is stated in the ticket_lifetime. 
"

Ciao
Hannes


On 08/18/2016 12:17 AM, Eric Rescorla wrote:

The intention here was to compensate for not having psk_identity_hint.
However, it also allows you to do resumption of PSK-established sessions.

It would be a fairly significant simplification to say you could only
have one PSK, because then we could easily require the client to prove
knowledge of the key, for instance by stuffing a MAC at the end of the
ClientHello as we discussed in Berlin.

So:
Is there any demand for multiple identities? I do not believe there is
any in the Web context. If not, we should remove this feature.

-Ekr


On Thu, Aug 11, 2016 at 1:39 AM, Hannes Tschofenig
<hannes.tschofe...@gmx.net <mailto:hannes.tschofe...@gmx.net>> wrote:

    Hi all,

    the currently defined “pre_shared_key” extension allows clients to send
    a list of the identities. I was wondering in what use cases this is
    useful and what policy guides the server to pick the most appropriate
    psk identity. I couldn't find any discussion in the document about this
    aspect.

    Ciao
    Hannes


    _______________________________________________
    TLS mailing list
    TLS@ietf.org <mailto:TLS@ietf.org>
    https://www.ietf.org/mailman/listinfo/tls
    <https://www.ietf.org/mailman/listinfo/tls>




_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls

Reply via email to