Proposed Transport Layer Security TLS Evidence Extensions - PowerPoint PPT Presentation

About This Presentation

Title:

Proposed Transport Layer Security TLS Evidence Extensions

Description:

TLS is used to protect many different applications, but TLS does not provide any ... Both the client and the server must have certified signature keys. Proposed ... – PowerPoint PPT presentation

Number of Views:58

Avg rating:3.0/5.0

Slides: 10

Provided by: RussHo4

Learn more at: https://www.ietf.org

Category:

Tags: tls | evidence | extensions | layer | proposed | security | signature | transport

Transcript and Presenter's Notes

Title: Proposed Transport Layer Security TLS Evidence Extensions

1
ProposedTransport Layer Security (TLS)Evidence
Extensions

ltdraft-housley-evidence-extns-00.txtgt
Russ Housley
IETF 67 TLS WG Session

2
Motivation

TLS is used to protect many different
applications, but TLS does not provide any
evidence of the protected content
Of course not, it is the transport layer
But, the alternative is evidence mechanism in
every application that makes use of TLS

3
Signatures

Digital signatures are used to generate the
evidence
Both the client and the server must have
certified signature keys

4
ProposedEvidence Creation Exchange

Client
Server
ClientHello (w/ extns) --------gt
ServerHello (w/ extns)
Certificate
ServerKeyExchange
CertificateRequest
lt--------
ServerHelloDone
Certificate
ClientKeyExchange
CertificateVerify
ChangeCipherSpec
Finished --------gt
ChangeCipherSpec
lt--------
Finished
Application Data lt-------gt
Application Data
Alert(evidence_start1) --------gt
Application Data
lt--------
Alert(evidence_start2)

5
Application Support

To gather evidence from an unchanged application,
the evidence start alerts are sent immediately
after the Finished message, and the evidence end
alerts are sent at the end of the session
If willing to change an application, then alerts
can be placed at interesting content

6
Evidence Protocol (1 of 3)

enum
request(1), response(2), (255)
EvidenceMsgType
struct
EvidenceMsgType evidence_msg_type
uint24 length / number of octets in message
/
select (EvidenceMsgType)
case request EvidenceRequest
case response EvidenceResponse
body
EvidenceProtocol

7
Evidence Protocol (2 of 3)

struct
Evidence evidencelt1..216-1gt
ASN.1Cert party1_certificate
EvidenceSignature party1_signature
EvidenceRequest
struct
EvidenceCreateSuite evidence_suite
uint32 gmt_unix_time
opaque handshake_protocol_hashlt1..512gt
opaque app_data_sent_hashlt1..512gt
opaque app_data_received_hashlt1..512gt
Evidence

8
Evidence Protocol (3 of 3)

struct
Evidence evidencelt1..216-1gt
ASN.1Cert party1_certificate
EvidenceSignature party1_signature
ASN.1Cert party2_certificate
EvidenceSignature party2_signature
EvidenceResponse

9
Request to TLS Working Group

Authors are asking the TLS WG to accept the
document, and move it forward as a Proposed
Standard

Write a Comment

User Comments (0)

About PowerShow.com

Recommended Relevance Latest Highest Rated Most Viewed

Sort by:

Related More from user

CrystalGraphics Presentations

Introducing-PowerShowcom PowerPoint PPT Presentation

Introducing-PowerShowcom - Introducing-PowerShowcom (Without Music)

CrystalGraphics 3D Character Slides for PowerPoint PowerPoint PPT Presentation

CrystalGraphics 3D Character Slides for PowerPoint - CrystalGraphics 3D Character Slides for PowerPoint

Chart and Diagram Slides for PowerPoint PowerPoint PPT Presentation

Chart and Diagram Slides for PowerPoint - Beautifully designed chart and diagram s for PowerPoint with visually stunning graphics and animation effects. Our new CrystalGraphics Chart and Diagram Slides for PowerPoint is a collection of over 1000 impressively designed data-driven chart and editable diagram s guaranteed to impress any audience. They are all artistically enhanced with visually stunning color, shadow and lighting effects. Many of them are also animated. And they’re ready for you to use in your PowerPoint presentations the moment you need them. – PowerPoint PPT presentation

Related Presentations

Securing%20Information%20Systems PowerPoint PPT Presentation

Securing%20Information%20Systems - Malware is active throughout the globe. ... Technologies and Tools for Security ... Technologies and Tools for Security. Essentials of Business Information Systems ... | PowerPoint PPT presentation | free to view

Overhead and Performance Study of the General Internet Signaling Transport (GIST) Protocol PowerPoint PPT Presentation

Overhead and Performance Study of the General Internet Signaling Transport (GIST) Protocol - Limited extensibility (objects and semantics specifically for QoS) ... the complexity worth the added security, extensibility, and modularity. ... | PowerPoint PPT presentation | free to view

TinySec: A Link Layer Security Architecture for Wireless Sensor Networks PowerPoint PPT Presentation

TinySec: A Link Layer Security Architecture for Wireless Sensor Networks - TinySec: A Link Layer Security Architecture for Wireless Sensor Networks Chris Karlof, Naveen Sastry & David Wagner Dr. Xiuzhen Cheng Department of Computer Science | PowerPoint PPT presentation | free to view

Aero mobile new orbital extensions PowerPoint PPT Presentation

Aero mobile new orbital extensions - aero transport russian research | PowerPoint PPT presentation | free to view

Aero mobile new orbital extensions PowerPoint PPT Presentation

Aero mobile new orbital extensions - aero transport russian research 2006-2013 | PowerPoint PPT presentation | free to view

Doctor of Technology Thesis A Generic Security Evaluation Method for Open Distributed Systems. By Ann Frisinger (KTH-Royal Institute of Technology) March 2001. PowerPoint PPT Presentation

Doctor of Technology Thesis A Generic Security Evaluation Method for Open Distributed Systems. By Ann Frisinger (KTH-Royal Institute of Technology) March 2001. - Doctor of Technology Thesis A Generic Security Evaluation Method for Open Distributed Systems. By Ann Frisinger (KTH-Royal Institute of Technology) | PowerPoint PPT presentation | free to view

The Establishment of Uniform Standards and Guidelines on Land Transport Security in a Non-Uniform Environment PowerPoint PPT Presentation

The Establishment of Uniform Standards and Guidelines on Land Transport Security in a Non-Uniform Environment - The Establishment of Uniform Standards and Guidelines on Land Transport Security in ... passenger awareness Security partnership between railway police and rail ... | PowerPoint PPT presentation | free to view

INF-3190: Transport Layer PowerPoint PPT Presentation

INF-3190: Transport Layer - Transport Layer Foreleser: Carsten Griwodz Email: griff@ifi.uio.no | PowerPoint PPT presentation | free to view

William Stallings, Cryptography and Network Security 5/e PowerPoint PPT Presentation

William Stallings, Cryptography and Network Security 5/e - Cryptography and Network Security Chapter 14 Fifth Edition by William Stallings ... secure sockets layer (SSL), secure electronic transactions (SET), and S/MIME. | PowerPoint PPT presentation | free to view

Cryptography and Network Security Chapter 16 PowerPoint PPT Presentation

Cryptography and Network Security Chapter 16 - Cryptography and Network Security Chapter 16 Fifth Edition by William Stallings Lecture s by Lawrie Brown | PowerPoint PPT presentation | free to view

The Best SAP Security online training in India, USA & UK. PowerPoint PPT Presentation

The Best SAP Security online training in India, USA & UK. - Our IT HUB online training classes are made on real world encounters, in order to get in-depth, practical guidance. SAP Security online training classes have been structured by IT HUB online training to ensure the training you get from IT HUB online training will be instantly relevant for your job - not only for a training lab's idealized environment. If you're thinking about a different subject (or variant) than what's listed below, please contact us and we'll happily work to fit the bill. SAP Security online training is a web application platform offering some tools which can be utilized to supply file and record management, intranet portals, cooperation, and social networks. The SAP Security online training platform offers workflow abilities and many more procedure. | PowerPoint PPT presentation | free to view

The Best SAP Security online training in India, USA & UK. (1) PowerPoint PPT Presentation

The Best SAP Security online training in India, USA & UK. (1) - Our IT HUB online training classes are made on real world encounters, in order to get in-depth, practical guidance. SAP Security online training classes have been structured by IT HUB online training to ensure the training you get from IT HUB online training will be instantly relevant for your job - not only for a training lab's idealized environment. If you're thinking about a different subject (or variant) than what's listed below, please contact us and we'll happily work to fit the bill. SAP Security online training is a web application platform offering some tools which can be utilized to supply file and record management, intranet portals, cooperation, and social networks. | PowerPoint PPT presentation | free to view

Best SAP security online training by IT Real Time Experts PowerPoint PPT Presentation

Best SAP security online training by IT Real Time Experts - Essentially IT Hub Online trainings began in this world with the goal of better service to any or all pupils we're trying to find to become a greatest training facility on the planet with my better service We made lots of pupils to settle in several states. Every pupil has a desire that to be sponsored by our firm. We are going to give quality of care and training with student with great communicating. http://www.ithubonlinetraining.com/sap-security-online-training/ Kindly contact us for queries, suggestions, issues and advises, Contact Info: India :+91 8121311133 USA :+1-347-606-2716 E-mail id :contact@ithubonlinetraining.com Website : http://www.ithubonlinetraining.com/ Thanks for visiting ithubonlinetraining .com | PowerPoint PPT presentation | free to view

SAP SECURITY ONLINE TRAINING IN USA|UK|CANADA PowerPoint PPT Presentation

SAP SECURITY ONLINE TRAINING IN USA|UK|CANADA - www.magnifictraining.com is providing SAP "SECURITY"Online Training contact us:info@magnifictraining.com or +91-9052666559, USA :+1-847-787-7647 By Real Time Experts from Hyderabad, Bangalore,India,USA,Canada,South Africa, Australia,Uk,Dubai,Malaysia. | PowerPoint PPT presentation | free to view

SAP SECURITY ONLINE TRAINING IN AUSTRALIA|SINGAPORE|SOUTH AFRICA PowerPoint PPT Presentation

SAP SECURITY ONLINE TRAINING IN AUSTRALIA|SINGAPORE|SOUTH AFRICA - www.magnifictraining.com is providing SAP "SECURITY"Online Training contact us:info@magnifictraining.com or +91-9052666559, USA :+1-847-787-7647 By Real Time Experts from Hyderabad, Bangalore,India,USA,Canada,South Africa, Australia,Uk,Dubai,Malaysia. | PowerPoint PPT presentation | free to view

SAP SECURITY ONLINE TRAINING IN AUSTRALIA|SOUTH AFRICA|SINGAPRE|GERMANY PowerPoint PPT Presentation

SAP SECURITY ONLINE TRAINING IN AUSTRALIA|SOUTH AFRICA|SINGAPRE|GERMANY - www.magnifictraining.com is providing SAP "SECURITY"Online Training contact us:info@magnifictraining.com or +91-9052666559, USA :+1-847-787-7647 By Real Time Experts from Hyderabad, Bangalore,India,USA,Canada,South Africa, Australia,Uk,Dubai,Malaysia. | PowerPoint PPT presentation | free to view

ARE YOU ELIGIBLE FOR SOCIAL SECURITY DISABILITY BENEFITS? (1) PowerPoint PPT Presentation

ARE YOU ELIGIBLE FOR SOCIAL SECURITY DISABILITY BENEFITS? (1) - To qualify as disabled, your condition must interfere with the basic activities required to perform your previous job. Proper documentation and evidence are crucial for this step. We'll work with you and your doctors to prove the severity of your condition. | PowerPoint PPT presentation | free to view

Hole Transport Layer Market Research Report 2017 PowerPoint PPT Presentation

Hole Transport Layer Market Research Report 2017 - Global Hole Transport Layer Market Research Report 2017 provides a complete data analysis with Market value, Sales, Price, Industry Analysis and Forecast with the help of Industry Experts. | PowerPoint PPT presentation | free to view

Get Secure Indicator by Activating SSL/TLS Certificate PowerPoint PPT Presentation

Get Secure Indicator by Activating SSL/TLS Certificate - Now in Chrome - and soon in the other major web browsers - an insecure connection activates a Google Security Warning that says Not Secure in the address bar, beside the URL. To avoid Warning, get SSL/TLS Certificate. | PowerPoint PPT presentation | free to view

Fix Step by Step QuickBooks Tls Error At 18009619635 PowerPoint PPT Presentation

Fix Step by Step QuickBooks Tls Error At 18009619635 - QuickBooks TLS Error is one of such issues which happen due to incorrect internet setting. In such cases, QuickBooks fails to work and handle accounting and financial management. Here is The procedure of fixing QuickBooks TLS errors so that users can easily deal with same with utmost ease. | PowerPoint PPT presentation | free to view

Hardware Security Modules Market Comprehensive Research Study, Historical Analysis and Growth Rate 2022 PowerPoint PPT Presentation

Hardware Security Modules Market Comprehensive Research Study, Historical Analysis and Growth Rate 2022 - Market Research Future published a research report on “Global Hardware Security Modules Market Research Report- Forecast 2022” – Market Analysis, Scope, Stake, Progress, Trends and Forecast to 2022. Get complete Report @ https://www.marketresearchfuture.com/reports/hardware-security-modules-market-2410 | PowerPoint PPT presentation | free to view

Security and Vulnerability Assessment Market Forecast PowerPoint PPT Presentation

Security and Vulnerability Assessment Market Forecast - Security and Vulnerability Assessment Market will reach US$ 15 Billion by the year 2024. Vulnerability assessment is the process of identifying, classifying and ranking the vulnerabilities in a system. The vulnerability assessment process may include automated or manual techniques with an importance on comprehensive coverage and several degrees of severity. Using a risk based perspective, vulnerability assessments may aim various layers of technology; the most common of which are network, host and application-layer assessments. For More Information: https://www.renub.com/security-vulnerability-assessment-market-nd.php | PowerPoint PPT presentation | free to view

Hardware Security Modules Market 2018 Growth Rate Research Report and Future Plans 2022 PowerPoint PPT Presentation

Hardware Security Modules Market 2018 Growth Rate Research Report and Future Plans 2022 - Market Research Future published a research report on “Global Hardware Security Modules Market Research Report- Forecast 2022” – Market Analysis, Scope, Stake, Progress, Trends and Forecast to 2022. Get complete Report @ https://www.marketresearchfuture.com/reports/hardware-security-modules-market-2410 | PowerPoint PPT presentation | free to view

TLS 1.2 Readiness tool PowerPoint PPT Presentation

TLS 1.2 Readiness tool - TLS 1.2 Readiness tool is a collective set of internet security rules. This tool has gained majority of demand due to the industry security standard. The internet connection on your computer system or which is utilized mainly by QuickBooks Desktop version has the instructions from this tool. Call our team of experts if you want to know more about TLS 1.2 QuickBooks. | PowerPoint PPT presentation | free to view

CompTIA Security+ SY0-601 Domain 2: Architecture and Design PowerPoint PPT Presentation

CompTIA Security+ SY0-601 Domain 2: Architecture and Design - The latest version of Security+ SY0-601 have 5 Domains: Domain 1.0: Attacks, Threats, and Vulnerabilities (24%) Domain 2.0: Architecture and Design (21%) Domain 3.0: Implementation (25%) Domain 4.0: Operations and Incident Response (16%) Domain 5.0: Governance, Risk, and Compliance (14%) In this blog, we discuss the second domain, Architecture and Design. | PowerPoint PPT presentation | free to view

email security PowerPoint PPT Presentation

email security - ISYNC offers the strongest Cloud Email Security protection in the industry We are offering Best Email Encryption and Email Security Solutions that help you to make your data Secure and grow your business We are offering Best Email Protection Packages at a Good Price | PowerPoint PPT presentation | free to view

All About SSL, TLS and HTTPS PowerPoint PPT Presentation

All About SSL, TLS and HTTPS - SSLC full form: SECURE SOCKETS LAYER CERTIFICATE ; SSL is describes a technology that is used to encrypt and authenticate data traffic on the network. In the case of websites, this ensures secure transmission of data between browser and web server. | PowerPoint PPT presentation | free to view