Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

What happens if TLS SRP and TLS 1.3 are used together? #4262

Closed
sayrer opened this issue Aug 24, 2019 · 1 comment
Closed

What happens if TLS SRP and TLS 1.3 are used together? #4262

sayrer opened this issue Aug 24, 2019 · 1 comment

Comments

@sayrer
Copy link

sayrer commented Aug 24, 2019

From https://tools.ietf.org/html/draft-barnes-tls-pake-04:

"In prior versions of TLS, this functionality has been provided by the integration of the Secure Remote Password PAKE protocol (SRP) [RFC5054]. The specific SRP integration described in RFC 5054 does not immediately extend to TLS 1.3 because it relies on the Client Key Exchange and Server Key Exchange messages, which no longer exist in 1.3."

It doesn't seem like this combination will work. I guess maybe some docs should be added.

@bagder
Copy link
Member

bagder commented Aug 24, 2019

Sounds like a good idea, but this is the first I learn about this so I could use some help on what to say...

@bagder bagder closed this as completed in 4147d58 Dec 16, 2019
@lock lock bot locked as resolved and limited conversation to collaborators Mar 17, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Development

No branches or pull requests

2 participants