Watson,

On Thu, Oct 8, 2015 at 5:03 PM, Stephen Kent <k...@bbn.com> wrote:
Watson,

I have two major comments. The draft recapitulates bits and pieces of
the TLS 1.3 draft, but it's not clear why this is done instead of
citing that draft. I also don't understand what it means to support a
bare public key: what exactly is to be done with this key, how is it
distinguished from the case of X509 certificate, is there an RFC
already defining this feature in TLS 1.2, etc. Similar questions apply
to TOFU.
The phrase "bare public key" (or raw public key) refers to a public key
not embedded in a cert. The term has been used in several IPsec RFCs, e.g.,
5386 and 6701. The intent is to define a standard way to convey a public key
w/o any implied authentication. Are you asking for additional clarification
for how such keys are used in 1.3?
Then the sentence containing that phrase should say as in RFC wxyz.
agreed, a cite would be appropriate.

You can look at RFCs 7435 and 7469 for discussions of TOFU.
I know what TOFU is, but are we going to require host keys to remain
the same eternally to support it? This implication should be drawn
out. Likewise, are we going to disconnect when keys change, or require
a signal to the application, etc.
Unless TOFU is the only option (which doesn't seem to be the case based
on your comments), then EKR is not requiring host keys to be static,
just offering another option to raw public keys.

Steve

_______________________________________________
Tcpinc mailing list
Tcpinc@ietf.org
https://www.ietf.org/mailman/listinfo/tcpinc
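The thread asks what TOFU implies in practice: whether a pinned host key must stay fixed, and whether a key change should disconnect or be signalled to the application. The following is an added example, written here to illustrate that decision point; it is not code from the tcpinc draft, from EKR, or from either correspondent. It assumes a bare public key is handled as opaque bytes and pinned by its SHA-256 fingerprint (the draft's actual key encoding is not shown on this page), and the names `TofuPinStore`, `Verdict` and `connect_policy` are invented for the illustration. The key change is surfaced as a distinct verdict and an application callback rather than being silently accepted or silently refused, which is the "signal to the application" option raised above.

```python
"""Trust-on-first-use (TOFU) pin store for bare (certificate-less) public keys.

Added example, not the tcpinc draft's code. Models the question in the thread:
first use records the key; a later different key is neither silently accepted
nor silently dropped but reported so the application can decide.
Fingerprint = SHA-256 over the raw key bytes (an assumption for this example).
"""
import hashlib
from enum import Enum


class Verdict(Enum):
    FIRST_USE = "first_use"  # no pin yet for this peer: record and proceed
    MATCH = "match"          # the pinned key was presented again
    MISMATCH = "mismatch"    # a different key than the pinned one was presented


def fingerprint(raw_public_key: bytes) -> str:
    """Pin value for a raw public key: hex SHA-256 of its bytes."""
    return hashlib.sha256(raw_public_key).hexdigest()


class TofuPinStore:
    """Maps a peer identity (host, port) to the fingerprint seen on first use."""

    def __init__(self):
        self._pins = {}  # (host, port) -> hex fingerprint

    def check(self, host, port, raw_public_key):
        """Classify the presented key against the stored pin (pins on first use)."""
        fp = fingerprint(raw_public_key)
        peer = (host, port)
        pinned = self._pins.get(peer)
        if pinned is None:
            self._pins[peer] = fp
            return Verdict.FIRST_USE
        return Verdict.MATCH if pinned == fp else Verdict.MISMATCH

    def accept_new_key(self, host, port, raw_public_key):
        """Explicit, application-driven replacement of a pin after a MISMATCH."""
        self._pins[(host, port)] = fingerprint(raw_public_key)

    def pinned_fingerprint(self, host, port):
        return self._pins.get((host, port))


def connect_policy(store, host, port, raw_public_key, *, on_mismatch):
    """Return (proceed, verdict) for a connection attempt.

    on_mismatch(host, port, old_fp, new_fp) is the application's decision hook:
    True accepts the new key (pin is rotated), False refuses the connection.
    FIRST_USE and MATCH proceed without consulting the application.
    """
    verdict = store.check(host, port, raw_public_key)
    if verdict is Verdict.MISMATCH:
        old_fp = store.pinned_fingerprint(host, port)
        if on_mismatch(host, port, old_fp, fingerprint(raw_public_key)):
            store.accept_new_key(host, port, raw_public_key)
            return True, verdict
        return False, verdict
    return True, verdict


# Constructed stand-ins for raw public key bytes; these are not real keys.
KEY_A = b"constructed-raw-public-key-A"
KEY_B = b"constructed-raw-public-key-B"


def demo():
    """Walk one peer through first use, a repeat, a key change, and rotation."""
    store = TofuPinStore()
    refuse = lambda host, port, old, new: False   # application policy: disconnect
    accept = lambda host, port, old, new: True    # application policy: rotate pin
    return [
        connect_policy(store, "peer.example", 443, KEY_A, on_mismatch=refuse),  # FIRST_USE
        connect_policy(store, "peer.example", 443, KEY_A, on_mismatch=refuse),  # MATCH
        connect_policy(store, "peer.example", 443, KEY_B, on_mismatch=refuse),  # MISMATCH, refused
        connect_policy(store, "peer.example", 443, KEY_B, on_mismatch=accept),  # MISMATCH, rotated
        connect_policy(store, "peer.example", 443, KEY_B, on_mismatch=refuse),  # MATCH on new key
    ]


if __name__ == "__main__":
    for proceed, verdict in demo():
        print(proceed, verdict.value)
```

The point of separating `Verdict.MISMATCH` from the boolean outcome is that TOFU by itself does not force keys to be eternal: the pin store only knows that the key differs, and whether that is a rotation or an attack is a decision the store cannot make, so it is handed to the application with both fingerprints.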