Skip to main content

The SSLKEYLOGFILE Format for TLS
draft-ietf-tls-keylogfile-02

Approval announcement
Draft of message to be sent after approval:

Announcement

From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
Cc: The IESG <iesg@ietf.org>, draft-ietf-tls-keylogfile@ietf.org, paul.wouters@aiven.io, rfc-editor@rfc-editor.org, sean@sn3rd.com, tls-chairs@ietf.org, tls@ietf.org
Subject: Document Action: 'The SSLKEYLOGFILE Format for TLS' to Informational RFC (draft-ietf-tls-keylogfile-02.txt)

The IESG has approved the following document:
- 'The SSLKEYLOGFILE Format for TLS'
  (draft-ietf-tls-keylogfile-02.txt) as Informational RFC

This document is the product of the Transport Layer Security Working Group.

The IESG contact persons are Paul Wouters and Deb Cooley.

A URL of this Internet-Draft is:
https://datatracker.ietf.org/doc/draft-ietf-tls-keylogfile/


Ballot Text

Technical Summary

   A format that supports the logging information about the secrets used
   in a TLS connection is described.  Recording secrets to a file in
   SSLKEYLOGFILE format allows diagnostic and logging tools that use
   this file to decrypt messages exchanged by TLS endpoints.

Working Group Summary


   The one thing that worried some people (including your responsible AD)
   was the fact that this could be used as pervasive monitoring tool if this
   file is offloaded/shared on production systems. Numerous warnings were
   added to the document to not do this. As the feature is already readily
   available (Firefox, Chrome, Wireshark, openssl, libcurl, etc.) those
   who are building such monitoring devices can already do so anyway.

Document Quality

  This is documenting a widely deployed feature that is used for development
  and debugging major crypto libraries and browsers (see above)

Personnel

   The Document Shepherd for this document is Sean Turner. The Responsible
   Area Director is Paul Wouters.

RFC Editor Note