On Fri, Apr 21, 2017 at 10:44:01AM +0200, Hannes Tschofenig wrote:
> I have read draft-sullivan-tls-exported-authenticator-01 and have a few
> questions. I haven't followed this work previously but have been
> wondering whether this functionality would be useful for "me".
>
> The described functionality sounds like post-handshake authentication
> from TLS 1.3 (although it does not use that term throughout the
> document). I would have thought that this functionality is a replacement
> to the TLS 1.2 renegotiation but then there is also the TLS 1.3 content
> in there which raises the question about how this relates to the
> post-handshake authentication functionality.
There are two things that can't be accomplished with PHA:

- Authenticating the server for more identities.
- Transmitting application context with the certificate.

TLS 1.2 renegotiation also is incapable of either of those.

> What does the following sentence mean and what is the use case for it?
>
> "
> This proof of authentication can
> be exported and transmitted out of band from one party to be
> validated by the other party.
> "
> Who are the parties?

Most probably TLS client and server.

-Ilari