SSL's threat model
Eric Rescorla
ekr at rtfm.com
Sat Sep 6 14:30:35 EDT 2003
Ian Grigg <iang at systemics.com> writes:
> Does anyone have any pointers to the SSL threat model?
>
> I have Eric Rescorla's book and slides talking about the
> Internet threat model.
>
> The TLS RFC (http://www.faqs.org/rfcs/rfc2246.html) says
> nothing about threat models that I found.
Yeah. You can kind of infer it from the security analysis at
the end, but I agree it's not optimal. It's important to
remember that the guy who originally designed SSL (Kipp Hickman)
wasn't a security guy and doesn't seem to really have had
a threat model in mind.
When I write about it, generally try to summarize what I think
the implicit threat model is based on my memory of the zeitgeist
at the time and the characteristics of SSL.
-Ekr
--
[Eric Rescorla ekr at rtfm.com]
http://www.rtfm.com/
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list