[-seal +seat] On 13.09.25 04:28, Muhammad Usama Sardar wrote:
* Classical Lowe's hierarchy is not suitable for one-way
authentication. For example, weak agreement doesn't make much
sense to me when the client is not authenticated, i.e., server
cannot be sure of the identity of the client. Client never sends
the certificate in this case. How can the server agree on client's
identity?
This is argued formally in Sec. 1.6.3 in [0].
[...] second one is comprehensively covering the details of formal analysis of RA-TLS and TLS-attest, and our proposed solutions.
It was going over 100 pages. So I divided it into two pieces. [0] is the first piece. I do believe this piece has independent value for all the WGs/RG to which this email is being sent. Second paragraph in Sec. 1.7 sketches some ideas the WGs/RG /can/ benefit from this work.
I look forward to your thoughts/questions/comments. I will share the second piece whenever it is ready. -Usama[0] https://www.researchgate.net/publication/396593308_Perspicuity_of_Attestation_Mechanisms_in_Confidential_Computing_General_Approach
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ TLS mailing list -- [email protected] To unsubscribe send an email to [email protected]
