On Wed, Mar 28, 2018 at 9:44 AM, Viktor Dukhovni <openssl-users@xxxxxxxxxxxx> wrote:
It would make more sense for C to issue short-term client certificates.
Session tickets are for session resumption. In particular they
can't authenticate the server to the client, so you still need
an initial handshake for that.
To do GSSAPI with TLS, do TLS on the outside (client authenticates
the server and establishes a secure channel), and then GSSAPI
with channel binding (server authenticates the client as being the
party at the other end of the channel).
It would make more sense, but you're changing the problem definition. Needham-Schroeder is intended to be used over an insecure network.
"Well," Brahma said, "even after ten thousand explanations, a fool is no wiser, but an intelligent person requires only two thousand five hundred."
- The Mahābhārata
-- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users