No. It's not true for any association method that's defined in the spec, whether SSL, DH or plain-text is used. The OP entirely determines the secret. DH or SSL is only used to secure transmission of that secret to the RP.<div>
<br clear="all">--<br>Andrew Arnott<br>"I [may] not agree with what you have to say, but I'll defend to the death your right to say it." - Voltaire<br>
<br><br><div class="gmail_quote">2009/3/19 Ben Laurie <span dir="ltr"><<a href="mailto:benl@google.com">benl@google.com</a>></span><br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">
<div><div></div><div class="h5">On Thu, Mar 19, 2009 at 5:22 PM, Martin Atkins <<a href="mailto:mart@degeneration.co.uk">mart@degeneration.co.uk</a>> wrote:<br>
> Ben Laurie wrote:<br>
>><br>
>> On Thu, Mar 19, 2009 at 2:17 PM, Andrew Arnott <<a href="mailto:andrewarnott@gmail.com">andrewarnott@gmail.com</a>><br>
>> wrote:<br>
>>><br>
>>> Maybe it's just me, but I don't like the terminology we're using. DH and<br>
>>> SSL are only redundant when used together.<br>
>><br>
>> I don't understand why. As I said, DH over SSL gives you a shared<br>
>> secret, which SSL alone does not. Of course there are cheaper ways to<br>
>> arrive at a shared secret over SSL, but that's not the point.<br>
>><br>
>>> Otherwise they're complementary.<br>
>>> If SSL cannot be used, for whatever reason, DH is mandatory.<br>
>><br>
>> But does not protect against MitM, and so is not equivalent. Which is<br>
>> not what "complementary" means to me.<br>
>><br>
><br>
> I believe what's being discussed here is using the secure channel to<br>
> exchange a shared secret in "cleartext" (as far as the application layer is<br>
> concerned).<br>
><br>
> This is actually already permitted by the spec, but the spec does not say<br>
> that it is *required* to use the "cleartext" session mode when on a secure<br>
> channel. This is the change that I think is being proposed here.<br>
<br>
</div></div>Ah. I see.<br>
<br>
So, I am going to be lazy, because I have not checked the spec, but<br>
it's considered good practice when establishing a shared secret for<br>
both sides to contribute to that secret. Is that true for the<br>
cleartext secret?<br>
<br>
><br>
><br>
</blockquote></div><br></div>
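The association handshake the thread is arguing over, as an added example (not code from the thread or from any OpenID library): a Python model of the DH-SHA256 session beside the "no-encryption" session, showing that in both modes the OP alone draws the MAC key and DH merely masks it on the wire. The group parameters are a toy modulus constructed for the demo, and the dictionary keys are assumed shorthand for the spec's form fields.

```python
import hashlib
import secrets

# Toy DH group, constructed for the demo only: the spec ships a 1024-bit
# default modulus (generator 2) that a real implementation must use instead.
P = (1 << 127) - 1
G = 3
MAC_KEY_LEN = 32  # HMAC-SHA256 association => 256-bit mac_key


def btwoc(n: int) -> bytes:
    """Big-endian two's-complement encoding used for OpenID DH values."""
    return n.to_bytes((n.bit_length() + 8) // 8, "big")


def rp_start_association():
    """RP draws its DH exponent x and offers g^x to the OP."""
    x = secrets.randbelow(P - 2) + 1
    return x, {"session_type": "DH-SHA256", "assoc_type": "HMAC-SHA256",
               "dh_consumer_public": btwoc(pow(G, x, P))}


def op_respond_dh(request, mac_key=None):
    """OP alone chooses mac_key; the DH shared value only masks it in transit."""
    if mac_key is None:
        mac_key = secrets.token_bytes(MAC_KEY_LEN)
    y = secrets.randbelow(P - 2) + 1
    rp_pub = int.from_bytes(request["dh_consumer_public"], "big")
    mask = hashlib.sha256(btwoc(pow(rp_pub, y, P))).digest()
    enc = bytes(a ^ b for a, b in zip(mac_key, mask))
    return mac_key, {"dh_server_public": btwoc(pow(G, y, P)), "enc_mac_key": enc}


def op_respond_cleartext(mac_key=None):
    """'no-encryption' session: same OP-chosen key sent bare; only SSL protects it."""
    if mac_key is None:
        mac_key = secrets.token_bytes(MAC_KEY_LEN)
    return mac_key, {"mac_key": mac_key}


def rp_finish_association(x, response):
    """RP recovers mac_key = enc_mac_key XOR SHA256(btwoc(g^xy mod p))."""
    op_pub = int.from_bytes(response["dh_server_public"], "big")
    mask = hashlib.sha256(btwoc(pow(op_pub, x, P))).digest()
    return bytes(a ^ b for a, b in zip(response["enc_mac_key"], mask))


def demo():
    """One DH-SHA256 association: returns (key the OP chose, key the RP derived)."""
    x, req = rp_start_association()
    chosen, resp = op_respond_dh(req)
    return chosen, rp_finish_association(x, resp)
```

The RP's exponent never influences the key's value, only its masking, which is exactly the one-sided contribution the question above asks about.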