
Re: Fwd: [from ekr] More on key isolation/netflix use case

From: Mitch Zollinger <mzollinger@netflix.com>
Date: Mon, 14 May 2012 12:28:14 -0700
Message-ID: <4FB15CCE.4060003@netflix.com>
To: Eric Rescorla <ekr@rtfm.com>
CC: <public-webcrypto@w3.org>
On 5/14/12 12:11 PM, Eric Rescorla wrote:
> On Mon, May 14, 2012 at 12:08 PM, Mitch Zollinger
> <mzollinger@netflix.com>  wrote:
>> The MiM attack is prevented by device authentication that is done using some
>> other means. I did not include an authenticated DH exchange (or key
>> unwrapping exchange for that matter) for the sake of simplicity. If the doc
>> needs clarity on this point, I'm happy to add the caveat that authentication
>> is expected.
> Then I really don't understand the point of this exchange at all, since if
> you already have keying material for the device you can just use that
> directly to arrange to have a shared secret.

If I have pre-shared keys (or X509 certs + keys) on these devices, I can 
use those for device authentication, then perform a DH exchange to 
create a session / session key with PFS, for example.

Mitch

>
> -Ekr
>
Received on Monday, 14 May 2012 19:28:45 UTC
