ECDHE_PSK Cipher Suites for Transport Layer Security (TLS)
RFC 5489

Approval announcement
Draft of message to be sent after approval:

From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
Cc: Internet Architecture Board <iab@iab.org>,
    RFC Editor <rfc-editor@rfc-editor.org>, 
    tls mailing list <tls@ietf.org>, 
    tls chair <tls-chairs@tools.ietf.org>
Subject: Document Action: 'ECDHE_PSK Ciphersuites for Transport 
         Layer Security (TLS)' to Informational RFC 

The IESG has approved the following document:

- 'ECDHE_PSK Ciphersuites for Transport Layer Security (TLS) '
   <draft-ietf-tls-ecdhe-psk-05.txt> as an Informational RFC

This document is the product of the Transport Layer Security Working 
Group. 

The IESG contact persons are Pasi Eronen and Tim Polk.

A URL of this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-ietf-tls-ecdhe-psk-05.txt

Technical Summary

   This document extends RFC 4279, RFC 4492 and RFC 4785, and
   specifies a set of cipher suites that use a pre-shared key (PSK)
   to authenticate an Elliptic Curve Diffie-Hellman exchange
   (ECDH). These cipher suites provide Perfect Forward Secrecy (PFS).

Working Group Summary

   This document is a product of the Transport Layer Security (TLS)
   Working Group. The document represents the consensus of the TLS
   working group.

Document Quality

   There are no existing implementations, but working group
   members have shown interest in the document.

Personnel

   The document shepherd is Joe Salowey. The responsible area
   director is Pasi Eronen.

RFC Editor Note

   Please add the following sentence to the end of Section 1.1:

   "The applicability statement in [RFC4279] applies to this document
   as well."

   Section 5, 2nd paragraph:
   OLD:
      Given the current state of published to date crypto attacks,
      HMAC-SHA1 apparently is not (yet) so bad that we need to risk
      breaking interoperability with previous versions of TLS.
      However, implementers and administrators should monitor the
      general statements on recommended cryptographic algorithms
      published from time to time by various forums including the
      IETF, as a base for the portfolio they support and the policies
      for strength of function acceptable for the cipher suites they
      set.
   NEW:
      Implementers and administrators should monitor the general
      statements on recommended cryptographic algorithms (e.g., SHA-1
      hash function) published from time to time by various forums
      including the IETF, as a base for the portfolio they support and
      the policies for strength of function acceptable for the cipher
      suites they set.