Transport Layer Security (TLS) Extensions
Draft of message to be sent after approval:
From: The IESG <email@example.com>
To: IETF-Announce <firstname.lastname@example.org>
Cc: Internet Architecture Board <email@example.com>, RFC Editor <firstname.lastname@example.org>, tls mailing list <email@example.com>, tls chair <firstname.lastname@example.org>
Subject: Protocol Action: 'Transport Layer Security (TLS) Extensions' to Proposed Standard

The IESG has approved the following document:

- 'Transport Layer Security (TLS) Extensions'
  <draft-ietf-tls-rfc3546bis-03.txt> as a Proposed Standard

This document is the product of the Transport Layer Security Working Group.

The IESG contact persons are Russ Housley and Tim Polk.

A URL of this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-ietf-tls-rfc3546bis-03.txt

Technical Summary

This document is an update to RFC 3546, TLS extensions. TLS extensions allow implementations to jointly agree on different TLS behavior that isn't embodied in the cipher suite. Two examples are truncated MACs and communicating the expected server DNS name to allow name-based virtual hosts.

This document contains no technical changes to RFC 3546. The only important change is reducing the requirement for registration of an extension from Standards Action to IETF Consensus.

Working Group Summary

The immediate motivation for this change was to allow the use of group negotiation with ECC, which is going forward as Informational. There was some negative comment about ECC in general and group negotiation but no major dissent for this particular change. However, outside of the ECC boosters, there wasn't much enthusiasm for it either.

Protocol Quality

An identical protocol (RFC 3546) has already been approved by the IESG, but deployment has been very slow, although GnuTLS claims to support it.

This document was reviewed by Russ Housley for the IESG.