[Security] TLS Triple Handshakes

Dave Cridland dave at cridland.net
Tue Mar 4 11:58:50 UTC 2014


On 4 March 2014 11:30, Peter Saint-Andre <stpeter at stpeter.im> wrote:

> On 3/4/14, 11:11 AM, Thijs Alkemade wrote:
>
>>
>>> Yes, it should do.
>>>
>>> Resuming a TLS session and resuming the application session is
>>> something that was discussed by (I think) a Nokia paper (Pasi Eironen,
>>> from memory). It requires a substantial amount of support.
>>>
>>> Resuming a TLS session and enabling this to be used for authentication
>>> (due to a previous application-layer authentication) was discussed in
>>> an I-D I did years ago.
>>>
>>
>> Okay, good to know.
>>
>
> That would be:
>
> http://tools.ietf.org/id/draft-cridland-sasl-tls-sessions-00.txt
>
>
>
Right, and Pasi Eronen's much cleverer paper is here:
http://www.pasieronen.com/publications/ - it's the second one down.

Dave.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.jabber.org/pipermail/security/attachments/20140304/8d2334f2/attachment.html>


More information about the Security mailing list