Julien Pierre wrote: > Jay Potter wrote: > > Any suggestions on what I would need to do to get this implimented? > > A lot of convincing that it is worth doing, to begin with. IMO, > pre-shared keys have no place in a general-purpose Internet browser such > as Mozilla. The authors of RFC4279 agree - see section 1.1 . > > " The ciphersuites defined in this document are intended for a rather > limited set of applications, usually involving only a very small > number of clients and servers. Even in such environments, other > alternatives may be more appropriate."
That was added mostly to keep the still-waiting-for-PKI-to-start-working crowd appeased. I don't think it reflects the opinions of most TLS-PSK users, and shouldn't have any bearing on support of TLS-PSK in Mozilla. (This could turn into a religious debate, but IMHO properly-implemented TLS-PSK is one of the strongest anti-phishing measures that could be added to current web browsers). Peter. _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
