Nelson B Bolyard wrote: > [EMAIL PROTECTED] wrote, On 2008-10-14 13:52 PDT: >> I was wondering if implementation of TLS-PSK (RFC 4279) is currently in >> development. I do not see it in the current NSS source or roadmap. Thank >> you for any help. >> >> -John Engler > > No. There are no plans to include any PSK cipher suites in NSS. > Because of the enormous potential for PSK cipher suites to be misused by > application developers, there is strong resistance to incorporating them > into NSS.
Nelson, I'm fascinated by this: what can PSK have done that would be so ... misusable? People in the apps security field hold out high hopes for TLS-PSK as a great aid for phishing; it would be a shame of that didn't happen (not to mention, confusing...) Surely it is much the same as any other protocol, you can shoot yourself in the foot if you want to? iang PS: I would hasten to add I am only curious; personally I am not particularly concerned about PSK, as I understand that is requires the apps developers to re-code to use it in their packages. This means it will take a long time to follow through... I think TLS-SNI and ordinary certs will have a much bigger effect. Curiously, the PSK people do not agree. Nice experiment to run!
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
