Re: Protocol Design Pattern (was Re: [saag] Last Call: <draft-dukhovni-opportunistic-security-01.txt>)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: Nico Williams <nico@xxxxxxxxxxxxxxxx>, Paul Wouters <paul@xxxxxxxxx>
Subject: Re: Protocol Design Pattern (was Re: [saag] Last Call: <draft-dukhovni-opportunistic-security-01.txt>)
From: Eliot Lear <lear@xxxxxxxxx>
Date: Tue, 19 Aug 2014 15:09:49 +0200
Archived-at: http://mailarchive.ietf.org/arch/msg/ietf/sdLuhpem0D1zBrgLwhH8F0xVMHk
Cc: saag <saag@xxxxxxxx>, "ietf@xxxxxxxx" <ietf@xxxxxxxx>, Dave Crocker <dcrocker@xxxxxxxx>
Delivered-to: ietf@xxxxxxxxxxxxxx
In-reply-to: <CAK3OfOjY6F3d8Fc1anK=doE1e1ErWHM8ZPuyTAy6e6gDjcGBpA@mail.gmail.com>
User-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.9; rv:24.0) Gecko/20100101 Thunderbird/24.6.0

Hi Nico,

On 8/18/14, 5:35 PM, Nico Williams wrote:
>
>> - Follow RFCs as strict as possible to defeat fingerprinting attacks
> Agreed, but again: too generic.
>
>> - If a connection is one-sided authenticated (eg like TLS) ensure your
>>   protocol is okay with a role-reversal (eg if it needs to authenticate
>>   the end that was anonymous)
> Ditto.

Are you saying you want an example of one-sided authentication where
role-reversal #FAILs?

Eliot

Attachment: signature.asc
Description: OpenPGP digital signature

References:
- Re: Last Call: <draft-dukhovni-opportunistic-security-01.txt> (Opportunistic Security: some protection most of the time) to Informational RFC
  - From: Stephen Farrell
- Re: Last Call: <draft-dukhovni-opportunistic-security-01.txt> (Opportunistic Security: some protection most of the time) to Informational RFC
  - From: Stephen Farrell
- Re: Last Call: <draft-dukhovni-opportunistic-security-01.txt> (Opportunistic Security: some protection most of the time) to Informational RFC
  - From: Stephen Kent
- Protocol Design Pattern (was Re: [saag] Last Call: <draft-dukhovni-opportunistic-security-01.txt>)
  - From: Dave Crocker
- Re: Protocol Design Pattern (was Re: [saag] Last Call: <draft-dukhovni-opportunistic-security-01.txt>)
  - From: Nico Williams
- Re: Protocol Design Pattern (was Re: [saag] Last Call: <draft-dukhovni-opportunistic-security-01.txt>)
  - From: Paul Wouters
- Re: Protocol Design Pattern (was Re: [saag] Last Call: <draft-dukhovni-opportunistic-security-01.txt>)
  - From: Nico Williams

Prev by Date: Re: [saag] Protocol Design Pattern (was Re: Last Call: <draft-dukhovni-opportunistic-security-01.txt>)
Next by Date: Re: [DNSOP] Last Call: <draft-ietf-dnsop-child-syncronization-02.txt> (Child To Parent Synchronization in DNS) to Proposed Standard
Previous by thread: Re: Protocol Design Pattern (was Re: [saag] Last Call: <draft-dukhovni-opportunistic-security-01.txt>)
Next by thread: Re: Protocol Design Pattern (was Re: [saag] Last Call: <draft-dukhovni-opportunistic-security-01.txt>)
Index(es):
- Date
- Thread

[Index of Archives] [IETF Annoucements] [IETF] [IP Storage] [Yosemite News] [Linux SCTP] [Linux Newbies] [Fedora Users]