Hi, Stephen

Thanks much for your comments.

As IBS uses a centralized PKG to generate keys for the peer, some users are concerned about this feature. However, for some usage scenarios such as telecom operators, key escrow is not an issue, since with the current telecom networks all the mobile devices are embedded with a root key in their USIM card, which is known to the home operators. So knowing the private keys of devices is not an issue, depending on the usage of the keys.

If users worry about this feature, can we make it an optional feature, so that only when companies want to use it can they enable this feature or patch the library?

Best regards.

Haiguang

________________________________________
From: Stephen Farrell [stephen.farr...@cs.tcd.ie]
Sent: Saturday, 23 March, 2019 2:24:03 AM
To: Eric Rescorla; Wang Haiguang
Cc: tls@ietf.org
Subject: Re: [TLS] draft-wang-tls-raw-public-key-with-ibc-10

Hiya,

On 21/03/2019 13:46, Eric Rescorla wrote:
> In addition, the inherent escrow capability that you describe in Section 7
> is a way in which IBC systems are materially worse than PKI systems in a
> way we don't know how to ameliorate (as opposed to CT).

I agree with Ekr here. I'd go further and argue that applications really need to be aware that somewhere there's a key generator who knows all private keys and that it'd be too dangerous for that kind of difference to be hidden inside a TLS library.

> For these reasons, I don't think this WG should adopt this work, though
> the process allows you to have a code point without adoption.

+1

Cheers,
S.

_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls