1 / 4

Use Cases for FXA-TLS

Explore the multiple use cases of FXA-TLS, a method to enhance security for both standard and non-standard protocols using TLS. Discover practical issues and limitations faced in different categories of protocols.

eswider
Download Presentation

Use Cases for FXA-TLS

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Use Cases for FXA-TLS Larry Zhu Leif Johansson IETF69

  2. Category 1: Standard protocols • Two variants for all protocols • LDAP • SMTP • etc • http://www.secure-endpoints.com/tls-gss/draft-santesson-tls-gssapi-03.txt appendix B • Using SASL is less desirable • Future use cases –less code branches to test and better secrurity

  3. Category 2: Non Standard protocols • Use TLS to add a security layer • No SASL variants for these protocols • Practical issues: firewalls and NAT traversal

  4. Category 3: RFC4559 • only supports single-round-trip GSS-API mechanisms • lacks of channel bindings to the underlying TLS connection which makes in unsuitable for deployment in situations where proxies exists • lacks of session-based re-authentication

More Related