[114819] in cryptography@c2.net mail archive
Re: TLS-SRP & TLS-PSK support in browsers (Re: Dutch Transport Card Broken)
daemon@ATHENA.MIT.EDU (Peter Gutmann)
Sat Feb 9 18:45:02 2008
From: pgut001@cs.auckland.ac.nz (Peter Gutmann)
To: cryptography@metzdowd.com, Victor.Duchovni@MorganStanley.com
In-Reply-To: <20080206185110.GW18453@np305c2n2.ms.com>
Date: Thu, 07 Feb 2008 20:47:20 +1300
Victor Duchovni <Victor.Duchovni@MorganStanley.com> writes:
>While Firefox should ideally be developing and testing PSK now, without
>stable libraries to use in servers and browsers, we can't yet expect anything
>to be released.
Is that the FF devlopers' reason for holding back? Just wondering... why not
release it with TLS-PSK/SRP anyway (particularly with 3.0 being in the beta
stage, it'd be the perfect time to test new features), tested against existing
implementations, then at least it's ready for when server support appears. At
the moment we seem to be in a catch-22, servers don't support it because
browsers don't, and browsers don't support it because servers don't.
Peter.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
