On Tue, April 5, 2016 7:42 am, Adam Langley wrote: > On Tue, Apr 5, 2016 at 4:55 PM, Peter Gutmann <pgut...@cs.auckland.ac.nz> > wrote: >> How hard can it be to implement TLS-PSK? I did it in a few hours in my >> crypto >> library. > > This is getting off topic (which is my fault) but, for us, it wouldn't > be "just" implementing PSK. > > We would need to evangelise it sufficiently with enough vendors to > make sure that it would be used and that we were building the right > thing. (The solution might well not be just using PSK). Then we need > to implement it and get the UI right, try and get other browsers to > implement it, write specs, write test suites, write sample code for > all the vendors, deal with the resulting bugs in implementations and > many smaller things besides. > > That's not to say that we wouldn't be willing to put the effort in, > but the demand hasn't been evinced yet.
Don't bother. It's unlikely to be used in a browser. This just underscores the point I was making that people use TLS differently for different things and the requirements are not the same. Just as it doesn't make sense to force a browser to implement a PSK (or PAKE) cipher suite, it doesn't make sense to force some device with a limited UI that has no interest in accessing random web servers to use a public key. regards, Dan. _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
