Hey, I would like to request a label for OpenVPN to use with the RFC5705 Keying Material Exporters to generate keying material for its data channel encryption.
I hope this the right place to discuss this topic. The requirements of requesting a label seem to be to have specification for the protocol. Unfortunately the OpenVPN protocol does not have a full written specification. We have some documentation for the key exchange process (https://github.com/schwabe/openvpn/blob/tls_key_export/doc/doxygen/doc_key_generation.h) and some other parts documented as well but no full specification of the protocol. Nevertheless, I would like to be able to use RFC 5705 API as this seems a much cleaner approach compared to OpenVPN's custom TLS 1.0 inspired PRF function and I am wondering what the best approach here to choose a label is. In my current implementation I used EXPORTER-OpenVPN-datakeys as label as the currently defined seems to follow no particular pattern, so I was not sure what a "good" label would be. https://github.com/schwabe/openvpn/commits/tls_key_export Arne _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
