Re: Securing Ceph with TLS

On Wed, 2018-03-07 at 11:15 +0000, John Spray wrote:

> I'm curious about the motivation for TLS in particular, as opposed to
> using a stream cipher (plain AES-256 or similar) based on the
> existing cephx shared secrets and authorization tickets.  Because the
> endpoints are already authorized, it seems like it should be possible
> to avoid introducing an additional set of certificates.

While the implementation described appears to use certified public keys
as the basis for authentication over TLS, pre-shared key cipher-suites
are also available; see, for example, RFC 5489:

 "ECDHE_PSK Cipher Suites for Transport Layer Security (TLS)"
 https://tools.ietf.org/html/rfc5489

I believe that cephx secret keys, or some derivative of them, could be
sensibly used with such a scheme?

It will likely be easier to convince others that it is safe to rely on
an over-the-wire encryption mechanism if it is based on an existing
peer-reviewed scheme.

Kind regards,
David
-- 
David McBride <dwm37@xxxxxxxxx>
Computing Officer, University of Cambridge
