Presentation is loading. Please wait.

Presentation is loading. Please wait.

August 2001 Slide 1 Extensions to TLS Simon Blake-Wilson Certicom David Hopwood Independent Consultant Jan Mikkelsen Transactionware Magnus Nystrom RSA.

Published byKelly Potter Modified over 8 years ago

Similar presentations

Presentation on theme: "August 2001 Slide 1 Extensions to TLS Simon Blake-Wilson Certicom David Hopwood Independent Consultant Jan Mikkelsen Transactionware Magnus Nystrom RSA."— Presentation transcript:

1 August 2001 Slide 1 Extensions to TLS Simon Blake-Wilson Certicom David Hopwood Independent Consultant Jan Mikkelsen Transactionware Magnus Nystrom RSA Security Tim Wright Vodafone

2 August 2001 Slide 2 Content Updates from “wireless extensions” Issues raised The way forward?

3 August 2001 Slide 3 DNS name extension New to the draft Allows a single “machine” to host multiple “servers” Client tells server DNS name of server being contacted Server may use info to help produce response

4 August 2001 Slide 4 Other Extensions Clarified session resumption - extensions ignored during session resumption Short session IDs - removed Client cert urls - client supplies a list, one url = one cert Client cert urls - both cert hash and url supplied Truncated MACs - restricted to HMAC with MD5 and SHA-1 Trusted root indication - cert hash option added

5 August 2001 Slide 5 New Error Alerts Be careful when new error alerts get sent! Unsupported extension Bad extension order Unrecognized domain Certificate unobtainable Bad OCSP response

6 August 2001 Slide 6 Issues How serious is “certificate unobtainable” alert? Do we need to require client driven extensions? How/where do DNS names get canonicalized? Generalize OCSP status request? Tie extensions with TLS version rev?

7 August 2001 Slide 7 The Way Forward? Update based on comments and known issues WG last call?

Download ppt "August 2001 Slide 1 Extensions to TLS Simon Blake-Wilson Certicom David Hopwood Independent Consultant Jan Mikkelsen Transactionware Magnus Nystrom RSA."

Similar presentations

Hypertext Transfer PROTOCOL ----HTTP Sen Wang CSE5232 Network Programming.

Hypertext Transfer PROTOCOL ----HTTP Sen Wang CSE5232 Network Programming.
Cryptography and Network Security Chapter 16

Cryptography and Network Security Chapter 16
Web security: SSL and TLS

Web security: SSL and TLS
Spring 2012: CS419 Computer Security Vinod Ganapathy SSL, etc.

Spring 2012: CS419 Computer Security Vinod Ganapathy SSL, etc.
SSL Implementation Guide Onno W. Purbo

SSL Implementation Guide Onno W. Purbo
1 Lecture 17: SSL/TLS history, architecture basic handshake session initiation/resumption key computation negotiating cipher suites application: SET.

1 Lecture 17: SSL/TLS history, architecture basic handshake session initiation/resumption key computation negotiating cipher suites application: SET.
Proposal for WAP-IETF co- operation on a wireless friendly TLS Tim Wright, Vodafone and chair WAP Security Group

Proposal for WAP-IETF co- operation on a wireless friendly TLS Tim Wright, Vodafone and chair WAP Security Group
Lecture 6: Web security: SSL

Lecture 6: Web security: SSL
Cryptography and Network Security

Cryptography and Network Security
SSL CS772 Fall 2011. Secure Socket layer Design Goals: SSLv2) SSL should work well with the main web protocols such as HTTP. Confidentiality is the top.

SSL CS772 Fall Secure Socket layer Design Goals: SSLv2) SSL should work well with the main web protocols such as HTTP. Confidentiality is the top.
Socket Layer Security. In this Presentation: need for web security SSL/TLS transport layer security protocols HTTPS secure shell (SSH)

Socket Layer Security. In this Presentation: need for web security SSL/TLS transport layer security protocols HTTPS secure shell (SSH)
7-1 Chapter 7 – Web Security Use your mentality Wake up to reality —From the song, I've Got You under My Skin“ by Cole Porter.

7-1 Chapter 7 – Web Security Use your mentality Wake up to reality —From the song, "I've Got You under My Skin“ by Cole Porter.
An Introduction to Secure Sockets Layer (SSL). Overview Types of encryption SSL History Design Goals Protocol Problems Competing Technologies.

An Introduction to Secure Sockets Layer (SSL). Overview Types of encryption SSL History Design Goals Protocol Problems Competing Technologies.
COMP043-Cryptology Week 4 – Certs and Sigs. Digital Signatures Digital signatures provide –Integrity –Authenticity and –Non-repudiation How do they work?

COMP043-Cryptology Week 4 – Certs and Sigs. Digital Signatures Digital signatures provide –Integrity –Authenticity and –Non-repudiation How do they work?
Draft-lemonade-imap-submit-01.txt “Forward without Download” Allow IMAP client to include previously- received message (or parts) in or as new message.

Draft-lemonade-imap-submit-01.txt “Forward without Download” Allow IMAP client to include previously- received message (or parts) in or as new message.
DNS zone suffix option for DHCPv6 (draft-yan-dhc-dhcpv6-opt-dnszone-02.txt) IETF 62 (Minneapolis) Yan Renxiang Alcatel Shanghai Bell.

DNS zone suffix option for DHCPv6 (draft-yan-dhc-dhcpv6-opt-dnszone-02.txt) IETF 62 (Minneapolis) Yan Renxiang Alcatel Shanghai Bell.
Apr 2, 2002Mårten Trolin1 Previous lecture On the assignment Certificates and key management –Obtaining a certificate –Verifying a certificate –Certificate.

Apr 2, 2002Mårten Trolin1 Previous lecture On the assignment Certificates and key management –Obtaining a certificate –Verifying a certificate –Certificate.
Cryptography and Network Security Chapter 17

Cryptography and Network Security Chapter 17
Protected Extensible Authentication Protocol

Protected Extensible Authentication Protocol
DNS-centric PKI Sean Turner Russ Housley Tim Polk.

DNS-centric PKI Sean Turner Russ Housley Tim Polk.

Similar presentations

Ads by Google