Skip to main content

Data Center use of Static Diffie-Hellman in TLS 1.3
draft-green-tls-static-dh-in-tls13-01

Document Type Expired Internet-Draft (individual)
Expired & archived
Authors Matthew Green , Ralph Droms , Russ Housley , Paul Turner , Steve Fenter
Last updated 2018-01-04 (Latest revision 2017-07-03)
RFC stream (None)
Intended RFC status (None)
Formats
Stream Stream state (No stream defined)
Consensus boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Expired
Telechat date (None)
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:

Abstract

Unlike earlier versions of TLS, current drafts of TLS 1.3 have instead adopted ephemeral-mode Diffie-Hellman and elliptic-curve Diffie-Hellman as the primary cryptographic key exchange mechanism used in TLS. This document describes an optional configuration for TLS servers that allows for the use of a static Diffie-Hellman private key for all TLS connections made to the server. Passive monitoring of TLS connections can be enabled by installing a corresponding copy of this key in each monitoring device.

Authors

Matthew Green
Ralph Droms
Russ Housley
Paul Turner
Steve Fenter

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)