Hello,
We have prepared the following draft, and request feedback on it. The
main points are
* Introduction of (anonymous) Kerberos tickets as added entropy to mix
with ECDH, and thereby provide Quantum Relief; it generalises this idea
to allow for other ways of adding entropy
* Introduction o
This would be for cases where we want to inject extra context into a
resumption.
That would be anything that changes an authentication property, so
for example if you wanted to include some agreement on the status of a
post-handshake auth or Exported Authenticator.
So for example imagine I had a s
On Mon, Feb 24, 2020 at 12:50 PM Christopher Wood
wrote:
> On Fri, Feb 21, 2020, at 1:15 PM, Rob Sayre wrote:
> >
> >
> > On Fri, Feb 21, 2020 at 8:35 AM Eric Rescorla wrote:
> > >
> > >
> > > On Thu, Feb 20, 2020 at 7:08 PM Rob Sayre wrote:
> > >> Hi,
> > >>
> > >> I'm not sure how violations
On Mon, Feb 24, 2020 at 4:33 PM Jonathan Hoyland
wrote:
> Just looking at this again, it might be better to make a slightly
> different tweak to the key schedule.
> Instead of:
>
> 0
> |
> v
> PSK -> HKDF-Extract = Early Secret
>
Just looking at this again, it might be better to make a slightly different
tweak to the key schedule.
Instead of:
0
|
v
PSK -> HKDF-Extract = Early Secret
|
+-> Derive-Secret(., "ext binder"
On Fri, Feb 21, 2020, at 1:15 PM, Rob Sayre wrote:
>
>
> On Fri, Feb 21, 2020 at 8:35 AM Eric Rescorla wrote:
> >
> >
> > On Thu, Feb 20, 2020 at 7:08 PM Rob Sayre wrote:
> >> Hi,
> >>
> >> I'm not sure how violations of these requirements would result in poor
> >> interoperability:
> >>
>
On Mon, Feb 24, 2020 at 1:36 AM Stephen Farrell
wrote:
>
> Hiya,
>
> On 24/02/2020 03:57, Christopher Wood wrote:
> > We’re actively analyzing ECHO. As of now, we expect this to complete
> > in March,
>
> I would welcome seeing that done in a more open
> manner.
>
I took this to mean a ProVerif
> On Feb 21, 2020, at 5:25 PM, Stephen Farrell
> wrote:
>
> On 21/02/2020 22:11, Watson Ladd wrote:
>
>> https://blog.cloudflare.com/towards-post-quantum-cryptography-in-tls/
>> https://blog.cloudflare.com/the-tls-post-quantum-experiment/
>>
>> This was also presented at the NIST standardiza
I support rapid adoption, if only based on general principles, as elaborated
below.
***
I have not studied the draft in detail, but I think that strongest-link
security is important to allow, the sooner the better, for those that can
afford it, I think the benefit is worth cost.
I th
Hiya,
On 24/02/2020 03:57, Christopher Wood wrote:
> We’re actively analyzing ECHO. As of now, we expect this to complete
> in March,
I would welcome seeing that done in a more open
manner.
S.
0x5AB2FAF17B172BEA.asc
Description: application/pgp-keys
signature.asc
Description: OpenPGP digita
10 matches
Mail list logo