Transport Layer Security (TLS) Session Resumption without Server-Side State
RFC 5077
Revision differences
Document history
| Date | Rev. | By | Action |
|---|---|---|---|
|
2017-05-16
|
01 | (System) | Changed document authors from "Joseph Salowey" to "Joseph Salowey, Pasi Eronen, Hannes Tschofenig, Hao Zhou" |
|
2016-09-13
|
01 | (System) | Received changes through RFC Editor sync (added Errata tag) |
|
2015-10-14
|
01 | (System) | Notify list changed from jsalowey@cisco.com, hzhou@cisco.com, pasi.eronen@nokia.com, Hannes.Tschofenig@gmx.net to pasi.eronen@nokia.com, Hannes.Tschofenig@gmx.net, hzhou@cisco.com |
|
2012-08-22
|
01 | (System) | post-migration administrative database adjustment to the No Objection position for Chris Newman |
|
2008-01-31
|
01 | Amy Vezza | State Changes to RFC Published from RFC Ed Queue by Amy Vezza |
|
2008-01-31
|
01 | Amy Vezza | [Note]: 'RFC 5077' added by Amy Vezza |
|
2008-01-25
|
01 | (System) | RFC published |
|
2007-09-12
|
01 | Amy Vezza | State Changes to RFC Ed Queue from Approved-announcement sent by Amy Vezza |
|
2007-09-11
|
01 | Amy Vezza | IESG state changed to Approved-announcement sent |
|
2007-09-11
|
01 | Amy Vezza | IESG has approved the document |
|
2007-09-11
|
01 | Amy Vezza | Closed "Approve" ballot |
|
2007-09-11
|
01 | (System) | IANA Action state changed to No IC from In Progress |
|
2007-09-11
|
01 | (System) | IANA Action state changed to In Progress |
|
2007-09-11
|
01 | Tim Polk | State Changes to Approved-announcement to be sent::Point Raised - writeup needed from Approved-announcement to be sent::Revised ID Needed by Tim Polk |
|
2007-09-07
|
01 | (System) | Removed from agenda for telechat - 2007-09-06 |
|
2007-09-06
|
01 | Samuel Weiler | Request for Last Call review by SECDIR Completed. Reviewer: Stefan Santesson. |
|
2007-09-06
|
01 | Amy Vezza | State Changes to Approved-announcement to be sent::Revised ID Needed from IESG Evaluation by Amy Vezza |
|
2007-09-06
|
01 | Amy Vezza | [Ballot Position Update] Position for Chris Newman has been changed to No Objection from Discuss by Amy Vezza |
|
2007-09-06
|
01 | (System) | [Ballot Position Update] Position for Chris Newman has been changed to Discuss from No Objection by IESG Secretary |
|
2007-09-06
|
01 | Chris Newman | [Ballot Position Update] Position for Chris Newman has been changed to No Objection from Discuss by Chris Newman |
|
2007-09-06
|
01 | (System) | [Ballot Position Update] New position, No Objection, has been recorded for Sam Hartman by IESG Secretary |
|
2007-09-06
|
01 | Lisa Dusseault | [Ballot Position Update] New position, No Objection, has been recorded by Lisa Dusseault |
|
2007-09-06
|
01 | Tim Polk | State Change Notice email list have been change to jsalowey@cisco.com, hzhou@cisco.com, pasi.eronen@nokia.com, Hannes.Tschofenig@gmx.net from jsalowey@cisco.com, hzhou@cisco.com, pasi.eronen@nokia.com, Hannes.Tschofenig@siemens.com |
|
2007-09-06
|
01 | Mark Townsley | [Ballot Position Update] New position, No Objection, has been recorded by Mark Townsley |
|
2007-09-06
|
01 | Ross Callon | [Ballot Position Update] New position, No Objection, has been recorded by Ross Callon |
|
2007-09-06
|
01 | Jon Peterson | [Ballot Position Update] New position, No Objection, has been recorded by Jon Peterson |
|
2007-09-06
|
01 | Magnus Westerlund | [Ballot Position Update] New position, No Objection, has been recorded by Magnus Westerlund |
|
2007-09-06
|
01 | Jari Arkko | [Ballot comment] It seems that Appendix A does not list all the changes from RFC 4507. The diff is available here: http://tools.ietf.org/tools/rfcdiff/rfcdiff.pyht?url1=http://www.ietf.org/rfc/rfc4507.txt&url2=http://tools.ietf.org/id/draft-salowey-tls-rfc4507bis-01.txt And there … [Ballot comment] It seems that Appendix A does not list all the changes from RFC 4507. The diff is available here: http://tools.ietf.org/tools/rfcdiff/rfcdiff.pyht?url1=http://www.ietf.org/rfc/rfc4507.txt&url2=http://tools.ietf.org/id/draft-salowey-tls-rfc4507bis-01.txt And there are a number of changes, including additional requirements on including specific messages in a hash (Section 3.3), moving from SHA1 to SHA256, etc. |
|
2007-09-06
|
01 | Jari Arkko | [Ballot Position Update] New position, Yes, has been recorded by Jari Arkko |
|
2007-09-06
|
01 | Chris Newman | [Ballot discuss] I want to discuss the apps issue mentioned in my comment during the IESG call. My intention is to clear this DISCUSS during … [Ballot discuss] I want to discuss the apps issue mentioned in my comment during the IESG call. My intention is to clear this DISCUSS during the IESG call unless others on the IESG feel the harm of modest delay to address the issue I raised is worth the potential improvement. |
|
2007-09-06
|
01 | Chris Newman | [Ballot Position Update] New position, Discuss, has been recorded by Chris Newman |
|
2007-09-06
|
01 | Chris Newman | [Ballot comment] Apps-level issue: If an application performs user-level authentication subsequent to initiation of the TLS tunnel (e.g. via GSSAPI or SASL), it would be … [Ballot comment] Apps-level issue: If an application performs user-level authentication subsequent to initiation of the TLS tunnel (e.g. via GSSAPI or SASL), it would be possible for the application to trigger a TLS-level renegotiation that includes a NewSessionTicket embedding information about the app-level authentication. Alternatively, the application could have a mechanism to bind the user-level authentication to a given session ticket (although this would involve server state). Then on re-connection, the application could use app-level mechanisms to automatically resume the user session (e.g. IMAP PREAUTH or SASL EXTERNAL). It's not clear to me if this is a good/bad idea, what the security risks would be, or if TLS stacks should be advised to include APIs to facilitate such use of the mechanism. This document is silent on such interaction with applications. Were this a first version, I'd ask for this issue to be considered and addressed if there was consensus. But I don't want to delay an obvious bugfix to an already published RFC. Nits: the server does not wish issue a new ticket and therefore does not ^^^ to The server uses an zero-length SessionTicket extension to indicate to ^^ a |
|
2007-09-05
|
01 | Cullen Jennings | [Ballot Position Update] New position, No Objection, has been recorded by Cullen Jennings |
|
2007-09-04
|
01 | Ron Bonica | [Ballot Position Update] New position, No Objection, has been recorded by Ron Bonica |
|
2007-09-04
|
01 | David Ward | [Ballot Position Update] New position, No Objection, has been recorded by David Ward |
|
2007-09-04
|
01 | Dan Romascanu | [Ballot Position Update] New position, No Objection, has been recorded by Dan Romascanu |
|
2007-09-04
|
01 | Lars Eggert | [Ballot Position Update] New position, No Objection, has been recorded by Lars Eggert |
|
2007-08-30
|
01 | Tim Polk | State Changes to IESG Evaluation from Waiting for AD Go-Ahead by Tim Polk |
|
2007-08-30
|
01 | Russ Housley | [Ballot Position Update] New position, No Objection, has been recorded by Russ Housley |
|
2007-08-30
|
01 | (System) | New version available: draft-salowey-tls-rfc4507bis-01.txt |
|
2007-08-29
|
01 | Tim Polk | Placed on agenda for telechat - 2007-09-06 by Tim Polk |
|
2007-08-29
|
(System) | Posted related IPR disclosure: Cisco's Statement about IPR claimed in draft-salowey-tls-rfc4507bis-01.txt | |
|
2007-08-22
|
01 | (System) | State has been changed to Waiting for AD Go-Ahead from In Last Call by system |
|
2007-08-15
|
01 | Yoshiko Fong | IANA Last Call Comments: NOTE: The IANA Considerations section isn't completely clear that there's nothing to do. It should probably add a sentence that the … IANA Last Call Comments: NOTE: The IANA Considerations section isn't completely clear that there's nothing to do. It should probably add a sentence that the assignments were made in RFC4507 and don't need to be made again. As described in the IANA Considerations section, we understand this document to have NO IANA Actions. |
|
2007-08-01
|
01 | Tim Polk | [Ballot Position Update] New position, Yes, has been recorded for Tim Polk |
|
2007-08-01
|
01 | Tim Polk | Ballot has been issued by Tim Polk |
|
2007-08-01
|
01 | Tim Polk | Created "Approve" ballot |
|
2007-07-31
|
01 | Samuel Weiler | Request for Last Call review by SECDIR is assigned to Stefan Santesson |
|
2007-07-31
|
01 | Samuel Weiler | Request for Last Call review by SECDIR is assigned to Stefan Santesson |
|
2007-07-25
|
01 | Amy Vezza | Last call sent |
|
2007-07-25
|
01 | Amy Vezza | State Changes to In Last Call from Last Call Requested by Amy Vezza |
|
2007-07-25
|
01 | Tim Polk | State Change Notice email list have been change to jsalowey@cisco.com, hzhou@cisco.com, pasi.eronen@nokia.com, Hannes.Tschofenig@siemens.com from jsalowey@cisco.com |
|
2007-07-25
|
01 | Tim Polk | Last Call was requested by Tim Polk |
|
2007-07-25
|
01 | Tim Polk | State Changes to Last Call Requested from Publication Requested by Tim Polk |
|
2007-07-25
|
01 | (System) | Ballot writeup text was added |
|
2007-07-25
|
01 | (System) | Last call text was added |
|
2007-07-25
|
01 | (System) | Ballot approval text was added |
|
2007-07-23
|
01 | Tim Polk | Area acronymn has been changed to sec from gen |
|
2007-07-23
|
01 | Tim Polk | Intended Status has been changed to Proposed Standard from None |
|
2007-07-23
|
01 | Tim Polk | Draft Added by Tim Polk in state Publication Requested |
|
2007-06-12
|
00 | (System) | New version available: draft-salowey-tls-rfc4507bis-00.txt |