From: Iruatã Souza
Date: Thu, 24 Dec 2015 17:09:09 +0000
To: Fans of the OS Plan 9 from Bell Labs <9fans@9fans.net>
Subject: Re: [9fans] using tls-psk cipher suits vs roll our own handshake
In-Reply-To: <71b465e856dfbd4b3ce36c3a3ae6bf03@felloff.net>
References: <71b465e856dfbd4b3ce36c3a3ae6bf03@felloff.net>

5) seems too much effort to do right/securely, no?

On Thu, Dec 24, 2015 at 4:45 PM, wrote:
> plan9 currently uses the shared secret from the authentication
> process with ssl and rc4 cipher for encrypting traffic for
> exportfs and the cpu services (pushssl()). the cipher can be
> changed by the client by providing command line parameters,
> tho there is no real negotiation going on. if the server
> doesn't like the cipher from the client, the connection just
> breaks.
>
> when switching to tls, we have a few options:
>
> 1) do as we do with ssl, client sends what cipher and hash alg
> it wants as a string before calling pushtls().
>
> 2) use fixed cipher like chacha20/poly1305 aead unconditionally.
>
> 3) use fixed cipher initially, and after that, renegotiate
> cipher (devtls can change secrets and ciphers inband).
>
> 4) use standard tls handshake with PSK cipher suites.
>
> 5) make our own little cipher negotiation handshake protocol.
>
> suggestions?
>
> --
> cinap
>
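An added illustration, not part of the thread and not Plan 9 code: one thing a home-made negotiation (option 5) has to get right is binding the cipher choice to the shared secret, so that an offer rewritten in transit is detected instead of silently accepted. The cipher names, the key-derivation label and all function names below are assumptions made up for this sketch, and it covers only the downgrade check, not a full handshake.

```python
import hashlib
import hmac

# Hypothetical cipher names in the server's preference order (assumption).
SERVER_PREFS = ["chacha20-poly1305", "aes128-gcm", "rc4-sha1"]


def _encode(items):
    # Length-prefix each name so two different lists never encode identically.
    return b"".join(len(s).to_bytes(2, "big") + s for s in (i.encode() for i in items))


def _mac(secret, label, offered, chosen):
    # Derive a key used only for negotiation, then MAC the whole transcript.
    key = hmac.new(secret, b"negotiate-key", hashlib.sha256).digest()
    transcript = label + _encode(offered) + _encode([chosen])
    return hmac.new(key, transcript, hashlib.sha256).digest()


def server_choose(secret, offered_seen):
    """Pick the first server preference the client offered; MAC what was seen."""
    for name in SERVER_PREFS:
        if name in offered_seen:
            return name, _mac(secret, b"server", offered_seen, name)
    raise ValueError("no common cipher")


def client_verify(secret, offered_sent, chosen, server_tag):
    """Accept only if the server saw exactly the offer the client sent."""
    if chosen not in offered_sent:
        return False
    expected = _mac(secret, b"server", offered_sent, chosen)
    return hmac.compare_digest(expected, server_tag)


def run(secret, offered_sent, tamper=None):
    """Simulate one exchange; tamper (optional) rewrites the offer in transit."""
    offered_seen = tamper(offered_sent) if tamper else list(offered_sent)
    chosen, tag = server_choose(secret, offered_seen)
    return chosen, client_verify(secret, offered_sent, chosen, tag)


if __name__ == "__main__":
    secret = b"constructed shared secret from auth"  # constructed sample value
    offer = ["rc4-sha1", "chacha20-poly1305"]
    print(run(secret, offer))                                 # untouched offer
    print(run(secret, offer, tamper=lambda o: ["rc4-sha1"]))  # offer stripped in transit
```

With option 1 as described in the quoted message, the stripped offer would simply be used; here the client refuses it because the server's tag covers a different offer than the one sent.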