Re: Revised Draft Charter

At 1:30 AM 4/6/96, Win Treese wrote:
>The group may also produce an informational RFC to describe conventions for
>the interface to a Socket (or transport) layer secure library to build
>specific applications as well as TCP port number conventions for running
>secure versions of network applications.

I'd like to see the group address issues surrounding disambiguating secure
sessions from insecure ones. For example, issues have been raised on the
SSL-talk list about whether using different port numbers is an appropriate
method of distinguishing protocols which are identical except for their use
(or lack thereof) of a secure transport layer. Given the limited number of
"trusted" port numbers (1024 or so), it seems that multiplying the number
of services by the number of possible transports might quickly lead to a
crisis. We should at least discuss methods of sharing ports between secure
and insecure sessions.

I'd also like to discuss authentication requirements for secure transports
(i.e., should there be required attributes in X.509 certificates for TLS
which specify the IP address or DNS name of the host in question), but I'm
not certain if that isn't already covered by the charter or if it doesn't
begin to dilute the focus of the working group.

 - Tim Dierks

Tim Dierks  --  timd@consensus.com  --  www.consensus.com
Head of Thing-u-ma-jig Engineering, Consensus Development

Received on Monday, 8 April 1996 04:21:11 UTC