Suite B Profile for Transport Layer Security (TLS)
draft-rescorla-tls-suiteb-11
Revision differences
Document history
| Date | Rev. | By | Action |
|---|---|---|---|
|
2012-08-22
|
11 | (System) | post-migration administrative database adjustment to the Yes position for Pasi Eronen |
|
2008-11-25
|
11 | (System) | IANA Action state changed to No IC from In Progress |
|
2008-11-25
|
11 | (System) | IANA Action state changed to In Progress |
|
2008-11-25
|
11 | Cindy Morgan | State Changes to RFC Ed Queue from Approved-announcement sent by Cindy Morgan |
|
2008-11-25
|
11 | Cindy Morgan | IESG state changed to Approved-announcement sent |
|
2008-11-25
|
11 | Cindy Morgan | IESG has approved the document |
|
2008-11-25
|
11 | Cindy Morgan | Closed "Approve" ballot |
|
2008-11-17
|
11 | Pasi Eronen | [Ballot Position Update] Position for Pasi Eronen has been changed to Yes from Discuss by Pasi Eronen |
|
2008-11-17
|
11 | (System) | New version available: draft-rescorla-tls-suiteb-11.txt |
|
2008-11-11
|
11 | Samuel Weiler | Request for Last Call review by SECDIR Completed. Reviewer: Steve Hanna. |
|
2008-11-07
|
11 | (System) | Removed from agenda for telechat - 2008-11-06 |
|
2008-11-06
|
11 | Amy Vezza | State Changes to IESG Evaluation::AD Followup from IESG Evaluation by Amy Vezza |
|
2008-11-06
|
11 | David Ward | [Ballot Position Update] New position, No Objection, has been recorded by David Ward |
|
2008-11-06
|
11 | Ross Callon | [Ballot Position Update] New position, No Objection, has been recorded by Ross Callon |
|
2008-11-06
|
11 | Magnus Westerlund | [Ballot Position Update] New position, No Objection, has been recorded by Magnus Westerlund |
|
2008-11-06
|
11 | Jari Arkko | [Ballot Position Update] New position, No Objection, has been recorded by Jari Arkko |
|
2008-11-05
|
11 | Mark Townsley | [Ballot Position Update] New position, No Objection, has been recorded by Mark Townsley |
|
2008-11-05
|
11 | Chris Newman | [Ballot Position Update] New position, No Objection, has been recorded by Chris Newman |
|
2008-11-05
|
11 | Cullen Jennings | [Ballot Position Update] New position, No Objection, has been recorded by Cullen Jennings |
|
2008-11-05
|
11 | Lars Eggert | [Ballot Position Update] New position, No Objection, has been recorded by Lars Eggert |
|
2008-11-05
|
11 | Pasi Eronen | [Ballot discuss] I've reviewed this document earlier, but re-checking version -10 vs. RFC 5246 found couple of nits (and one errata for RFC 5246, … [Ballot discuss] I've reviewed this document earlier, but re-checking version -10 vs. RFC 5246 found couple of nits (and one errata for RFC 5246, unfortunately -- RFC Editor errata ID #1585). In Section 4.3, the text "While the key exchange algorithm used in TLS_ECDHE_ECDSA-collection of cipher suites require the server's certificate to be signed with a particular signature scheme" is true only for TLS 1.0/1.1, not TLS 1.2. In Section 4.4, the text should probably say that a Suite B compliant TLS version 1.2 or later server MUST select either SHA-256+ECDSA or SHA-384+ECDSA for the signature in the ServerKeyExchange message. (TLS 1.0/1.1 will use SHA-1+ECDSA, though.) Section 4.3/4.4 specifies the requirements for server's signatures; should the document have similar requirements for client's signatures? E.g. say that Suite B compliant TLS 1.2 or later server MUST include SHA-256+ECDSA and/or SHA-384+ECDSA in the supported_signature_algorithms field of the CertificateRequest message, and a Suite B compliant TLS 1.2 or later client MUST select either SHA-256+ECDSA or SHA-384+ECDSA for the signature in the CertificateVerify message? |
|
2008-11-05
|
11 | Pasi Eronen | [Ballot Position Update] New position, Discuss, has been recorded by Pasi Eronen |
|
2008-10-31
|
10 | (System) | New version available: draft-rescorla-tls-suiteb-10.txt |
|
2008-10-30
|
(System) | ||
|
2008-10-23
|
11 | Russ Housley | [Ballot Position Update] New position, Recuse, has been recorded by Russ Housley |
|
2008-10-23
|
11 | Tim Polk | State Changes to IESG Evaluation from Waiting for AD Go-Ahead by Tim Polk |
|
2008-10-23
|
11 | Tim Polk | Placed on agenda for telechat - 2008-11-06 by Tim Polk |
|
2008-10-23
|
11 | Tim Polk | [Ballot Position Update] New position, Yes, has been recorded for Tim Polk |
|
2008-10-23
|
11 | Tim Polk | Ballot has been issued by Tim Polk |
|
2008-10-23
|
11 | Tim Polk | Created "Approve" ballot |
|
2008-10-23
|
11 | (System) | State has been changed to Waiting for AD Go-Ahead from In Last Call by system |
|
2008-10-22
|
09 | (System) | New version available: draft-rescorla-tls-suiteb-09.txt |
|
2008-10-14
|
08 | (System) | New version available: draft-rescorla-tls-suiteb-08.txt |
|
2008-10-03
|
11 | Samuel Weiler | Request for Last Call review by SECDIR is assigned to Steve Hanna |
|
2008-10-03
|
11 | Samuel Weiler | Request for Last Call review by SECDIR is assigned to Steve Hanna |
|
2008-10-03
|
11 | Samuel Weiler | Assignment of request for Last Call review by SECDIR to Paul Hoffman was rejected |
|
2008-10-02
|
07 | (System) | New version available: draft-rescorla-tls-suiteb-07.txt |
|
2008-09-30
|
11 | Amanda Baber | IANA Last Call comments: As described in the IANA Considerations section, we understand this document to have NO IANA Actions. |
|
2008-09-26
|
11 | Samuel Weiler | Request for Last Call review by SECDIR is assigned to Paul Hoffman |
|
2008-09-26
|
11 | Samuel Weiler | Request for Last Call review by SECDIR is assigned to Paul Hoffman |
|
2008-09-25
|
11 | Cindy Morgan | Last call sent |
|
2008-09-25
|
11 | Cindy Morgan | State Changes to In Last Call from Last Call Requested by Cindy Morgan |
|
2008-09-25
|
11 | Tim Polk | State Changes to Last Call Requested from Publication Requested by Tim Polk |
|
2008-09-25
|
11 | Tim Polk | Last Call was requested by Tim Polk |
|
2008-09-25
|
11 | (System) | Ballot writeup text was added |
|
2008-09-25
|
11 | (System) | Last call text was added |
|
2008-09-25
|
11 | (System) | Ballot approval text was added |
|
2008-09-18
|
11 | Amy Vezza | Document Shepherd Write-Up for draft-rescorla-tls-suiteb-06.txt (1.a) Who is the Document Shepherd for this document? Has the Document Shepherd personally reviewed this version of the document … Document Shepherd Write-Up for draft-rescorla-tls-suiteb-06.txt (1.a) Who is the Document Shepherd for this document? Has the Document Shepherd personally reviewed this version of the document and, in particular, does he or she believe this version is ready for forwarding to the IESG for publication? Russ Housley is the Document Shepherd and co-author. (1.b) Has the document had adequate review both from key members of the interested community and others? Does the Document Shepherd have any concerns about the depth or breadth of the reviews that have been performed? The document is intended for publication as an Informational RFC. It has been reviewed by several community members. There are no concerns about the depth or breadth of those reviews. (1.c) Does the Document Shepherd have concerns that the document needs more review from a particular or broader perspective, e.g., security, operational complexity, someone familiar with AAA, internationalization or XML? No concerns. (1.d) Does the Document Shepherd have any specific concerns or issues with this document that the Responsible Area Director and/or the IESG should be aware of? For example, perhaps he or she is uncomfortable with certain parts of the document, or has concerns whether there really is a need for it. In any event, if the interested community has discussed those issues and has indicated that it still wishes to advance the document, detail those concerns here. No concerns. (1.e) How solid is the consensus of the interested community behind this document? Does it represent the strong concurrence of a few individuals, with others being silent, or does the interested community as a whole understand and agree with it? This document explains the requirements for a TLS implementation to be considered "Suite B conformant". There is strong consensus from the people that are defining that term. (1.f) Has anyone threatened an appeal or otherwise indicated extreme discontent? If so, please summarise the areas of conflict in separate email messages to the Responsible Area Director. (It should be in a separate email because this questionnaire is entered into the ID Tracker.) No. (1.g) Has the Document Shepherd personally verified that the document satisfies all ID nits? (See http://www.ietf.org/ID-Checklist.html and http://tools.ietf.org/tools/idnits/). Boilerplate checks are not enough; this check needs to be thorough. Has the document met all formal review criteria it needs to, such as the MIB Doctor, media type and URI type reviews? Yes. ID-Checklist and ID-Nits are both satisfied. There is no need for any formal review from the MIB Doctors or any other such group. (1.h) Has the document split its references into normative and informative? Are there normative references to documents that are not ready for advancement or are otherwise in an unclear state? If such normative references exist, what is the strategy for their completion? Are there normative references that are downward references, as described in [RFC3967]? If so, list these downward references to support the Area Director in the Last Call procedure for them [RFC3967]. References are split. All referenced documents are already RFCs. (1.i) Has the Document Shepherd verified that the document IANA consideration section exists and is consistent with the body of the document? If the document specifies protocol extensions, are reservations requested in appropriate IANA registries? Are the IANA registries clearly identified? If the document creates a new registry, does it define the proposed initial contents of the registry and an allocation procedure for future registrations? Does it suggested a reasonable name for the new registry? See [RFC5226]. If the document describes an Expert Review process has the Shepherd conferred with the Responsible Area Director so that the IESG can appoint the needed Expert during the IESG Evaluation? No IANA actions are required. (1.j) Has the Document Shepherd verified that sections of the document that are written in a formal language, such as XML code, BNF rules, MIB definitions, etc., validate correctly in an automated checker? No formal language is used. (1.k) The IESG approval announcement includes a Document Announcement Write-Up. Please provide such a Document Announcement Writeup? Recent examples can be found in the "Action" announcements for approved documents. The approval announcement contains the following sections: Technical Summary The United States Government has published guidelines for "NSA Suite B Cryptography", which defines cryptographic algorithm policy for national security applications. This document defines a profile of TLS which is conformant with Suite B. Working Group Summary This document is not the product of any IETF working group. Document Quality This document explains the requirements for a TLS implementation to be considered "Suite B conformant". There is strong consensus from the people that are defining that term. |
|
2008-09-18
|
11 | Amy Vezza | Draft Added by Amy Vezza in state Publication Requested |
|
2008-09-17
|
06 | (System) | New version available: draft-rescorla-tls-suiteb-06.txt |
|
2008-09-16
|
05 | (System) | New version available: draft-rescorla-tls-suiteb-05.txt |
|
2008-09-13
|
04 | (System) | New version available: draft-rescorla-tls-suiteb-04.txt |
|
2008-09-05
|
03 | (System) | New version available: draft-rescorla-tls-suiteb-03.txt |
|
2008-04-14
|
02 | (System) | New version available: draft-rescorla-tls-suiteb-02.txt |
|
2007-06-04
|
01 | (System) | New version available: draft-rescorla-tls-suiteb-01.txt |
|
2006-12-14
|
00 | (System) | New version available: draft-rescorla-tls-suiteb-00.txt |