I would also be concerned about adding a "new" scheme that easily functions as an oracle.

On 2/16/19, 8:01 PM, "Peter Gutmann" <pgut...@cs.auckland.ac.nz> wrote:

> Sankalp Bagaria <sankalp.n...@gmail.com> writes:
>
> >We propose that the server is authenticated using X509 certificate in a TLS
> >1.3 like protocol. The Server sends 32-byte Challenge. Client replies by
> >sending 32-byte Response.
>
> Something very similar to this already exists in the form of CHAP/MSCHAP over
> PEAP/EAP-TLS/EAP-TTLS. It's supported by every Radius server and vast numbers
> (probably billions) of clients. To compete against this huge installed base,
> any new proposal would have to be pretty spectacular...
>
> Peter.
>
> _______________________________________________
> TLS mailing list
> TLS@ietf.org
> https://www.ietf.org/mailman/listinfo/tls