Well, during my long and fruitful career I've come across many asinine statements - but this pearl from your collection outshines mine! Indeed "straight from the horse's" (or in the context - "mule's"?) mouth (no offense meant to those wonderful equestrians).
I'm struck speechless (which is unusual, as anybody who knows me would confirm :-). Regards, Uri ----- Original Message ----- From: pgut001 <pgut...@wintermute02.cs.auckland.ac.nz> To: pgut...@cs.auckland.ac.nz <pgut...@cs.auckland.ac.nz>; Blumenthal, Uri - 0662 - MITLL Cc: c...@irtf.org <c...@irtf.org>; ipsec@ietf.org <ipsec@ietf.org> Sent: Wed Mar 03 18:20:53 2010 Subject: Re: [Cfrg] [IPsec] Beginning discussion on secure password-only authentication for IKEv2 "Blumenthal, Uri - 0662 - MITLL" <u...@ll.mit.edu> writes: >On the vendor side - perhaps EKE patent concern was the cause (you >implement/sell free SRP and get slapped with EKE licensing)? And the users >found alternative solutions in the meanwhile? Nope. It's been supported in OpenSSL since 0.9.9, but not in any browser. The reason for not supporting it in Firefox is so astonishingly boneheaded that I'll quote the original message to make sure that it's straight from the horse's mouth ("PSK cipher suites" = non-patent-encumbered EKE in TLS-talk): -- Snip -- Subject: Re: NSS implementation of TLS-PSK/ RFC 4279 Date: Tue, 14 Oct 2008 14:01:10 -0700 From: Nelson B Bolyard <nel...@bolyard.me> Reply-To: mozilla's crypto code discussion list <dev-tech-cry...@lists.mozilla.org> jeng...@berkeley.edu wrote, On 2008-10-14 13:52 PDT: > I was wondering if implementation of TLS-PSK (RFC 4279) is currently in > development. I do not see it in the current NSS source or roadmap. Thank > you for any help. > > -John Engler No. There are no plans to include any PSK cipher suites in NSS. Because of the enormous potential for PSK cipher suites to be misused by application developers, there is strong resistance to incorporating them into NSS. -- Snip -- As for Microsoft, Opera, etc who knows? (If you work on, or have worked on, any of these browsers, I'd like to hear more about why it hasn't been considered). I think it'll be a combination of two factors: 1. Everyone knows that passwords are insecure so it's not worth trying to do anything with them. 2. If you add failsafe mutual authentication via EKE to browsers, CAs become entirely redundant. So the browser vendors' approach is to ignore EKE and keep on waiting for PKI to start working, forever if necessary. "PKI meurt, elle ne se rend pas!" [0]. Peter. [0] Hat tip to Luther Martin for the quote :-). _______________________________________________ IPsec mailing list IPsec@ietf.org https://www.ietf.org/mailman/listinfo/ipsec