In your previous mail you wrote:
The IESG has approved the following document:
- 'Pre-Shared Key Ciphersuites for Transport Layer Security (TLS) '
<draft-ietf-tls-psk-09.txt> as a Proposed Standard
=> this document seems to go in the wrong way: pre-shared secrets
are known to be weaker than certificates and TLS has already many
problems with its misuses (for instance no client verification or
poor server certificate validation).
I remember a similar discussion about IKEv2 but in this case pre-shared
secrets were kept for compatibility... I can't see why no argument
against pre-shared secrets applies for the TLS case. Perhaps a security area
director can help me? BTW, I don't buy the "limited CPU power" argument
without real world examples.
Regards
Francis.Dupont@xxxxxxxxxxxxxxxx
_______________________________________________
Ietf@xxxxxxxx
https://www1.ietf.org/mailman/listinfo/ietf