Technical Summary
This document was born from a DT (Design Team) formed after discussions
at IETF 106 about draft-ietf-tls-external-psk-importer made it clear that some
guidance was needed with respect to PSK (Pre-Shared Key) usage. It summarizes
known use cases and risks, and offers guidance on using PSKs securely in TLS.
Working Group Summary
The DT consisted of the following participants: Benjamin Beurdouche,
Bjoern Haase, Christopher Wood, Colm MacCarthaigh, Eric Rescorla, Jonathan Hoyland,
Martin Thomson, Mohamad Badra, Mohit Sethi, Oleg Pekar, Owen Friel,
and Russ Housley. In addition to this powerhouse DT providing input on
the original version of the document, the document was also reviewed by the
following people: Scott Hollenbeck, Jim Schaad, Carrick Bartle, Watson Ladd,
John Mattsson, Ben Smyth, and Jonathan Hammell. The Shepherd has no
concerns whatsoever about the breadth and depth of reviews.
The DT’s output was presented at a virtual interim meeting. The remainder of the discussion occurred on the list.
Document Quality
The document does not specify a protocol per se, but it has been
well reviewed, and implementations either implement the guidance or
allow library consumers to do so directly.
Personnel
Sean Turner is the document Shepherd.
Ben Kaduk is the responsible Area Director.