On 8/22/18 at 6:55 PM, pgut...@cs.auckland.ac.nz (Peter Gutmann) wrote:
Is there any known actual use of raw public keys for TLS?
I know of a case where TLS (aka SSL) was not used because of the
lack of support for raw public keys. This work is 20 years old,
but I'm not sure the situation has changed very much.
The E programming language for distributed applications uses
remote object references of the form <key-fingerprint,
objectID), where the key-fingerprint is the hash of the object
supporting environment -- called a "Vat", and objectID is a
large secret number.
The Vats use a communication protocol called "Vat TP"
<http://www.erights.org/elib/distrib/vattp/CommSystemOverview.html>
to support remote object invocation.
TL:DR
As part of setting up a connection, the target Vat sends its
public key and the initiating Vat checks the hash of that key.
The connection parameters are validated by a signature over the
entire connection dialog. Once the hash has authenticated the
public key and the signature has validated the connection, the
initiating Vat can safely send the objectID.
There is a writeup explaining why SSL was not used
<http://www.erights.org/elib/distrib/vattp/SSLvsDataComm.html>
Cheers - Bill
-----------------------------------------------------------------------
Bill Frantz | There's nothing so clear as | Periwinkle
(408)356-8506 | a design you haven't written | 16345
Englewood Ave
www.pwpconsult.com | down. - Dean Tribble | Los Gatos,
CA 95032
_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
