Keying Material Exporters for Transport Layer Security (TLS)
Draft of message to be sent after approval:
From: The IESG <email@example.com>
To: IETF-Announce <firstname.lastname@example.org>
Cc: Internet Architecture Board <email@example.com>, RFC Editor <firstname.lastname@example.org>, tls mailing list <email@example.com>, tls chair <firstname.lastname@example.org>
Subject: Protocol Action: 'Keying Material Exporters for Transport Layer Security (TLS)' to Proposed Standard

The IESG has approved the following document:

- 'Keying Material Exporters for Transport Layer Security (TLS)' <draft-ietf-tls-extractor-07.txt> as a Proposed Standard

This document is the product of the Transport Layer Security Working Group.

The IESG contact persons are Pasi Eronen and Tim Polk.

A URL of this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-ietf-tls-extractor-07.txt
Technical Summary

A number of protocols wish to leverage Transport Layer Security (TLS) to perform key establishment but then use some of the keying material for their own purposes. This document describes a general mechanism for allowing that.

Working Group Summary

There was significant consensus in the working group supporting this document. The largest controversy was over the name.

Document Quality

The approach has been used in several protocols (such as EAP-TLS) for many years, and is planned for use in several protocols. The document has been reviewed by cryptographers who are experts in the area of key derivation.

RFC Editor Note

Section 3, REMOVE:

   o One important part of the context -- which application will use the exported keys -- is given by the disambiguating label string (see Section 4).

Section 3, ADD (new paragraph after the bulleted list):

   No matter how the context is agreed, it is required that it has one part that indicates which application will use the exported keys. This part is the disambiguating label string (see Section 4).

Section 4, OLD:

   The context value length is encoded as an unsigned 16-bit quantity (uint16) representing the length of the context value.

NEW:

   The context value length is encoded as an unsigned 16-bit quantity (uint16; see [RFC5246], Section 4.4) representing the length of the context value.