Keying Material Exporters for Transport Layer Security (TLS)
RFC 5705

Approval announcement
Draft of message to be sent after approval:

From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
Cc: Internet Architecture Board <iab@iab.org>,
    RFC Editor <rfc-editor@rfc-editor.org>, 
    tls mailing list <tls@ietf.org>, 
    tls chair <tls-chairs@tools.ietf.org>
Subject: Protocol Action: 'Keying Material Exporters for Transport Layer Security (TLS)' to Proposed Standard

The IESG has approved the following document:

- 'Keying Material Exporters for Transport Layer Security (TLS)'
   <draft-ietf-tls-extractor-07.txt> as a Proposed Standard


This document is the product of the Transport Layer Security Working Group.

The IESG contact persons are Pasi Eronen and Tim Polk.

A URL of this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-ietf-tls-extractor-07.txt

Technical Summary

   A number of protocols wish to leverage Transport Layer Security
   (TLS) to perform key establishment but then use some of the keying
   material for their own purposes. This document describes a general
   mechanism for allowing that.

Working Group Summary

   There was significant consensus in the working group supporting
   this document. The largest controversy was over the name.

Document Quality

   The approach has been used in several protocols (such as EAP-TLS)
   for many years, and is planned for use in several more. The
   document has been reviewed by cryptographers who are experts in the
   area of key derivation.

RFC Editor Note

   Section 3:
   REMOVE:
      o  One important part of the context -- which application will use
         the exported keys -- is given by the disambiguating label string
         (see Section 4).

   Section 3
   ADD (new paragraph after the bulleted list):
      No matter how the context is agreed, it is required that it has one
      part that indicates which application will use the exported keys.
      This part is the disambiguating label string (see Section 4).

   Section 4
   OLD:
      The context value length is encoded as an unsigned 16-bit quantity
      (uint16) representing the length of the context value.
   NEW:
      The context value length is encoded as an unsigned 16-bit quantity
      (uint16; see [RFC5246], Section 4.4) representing the length of the
      context value.
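As an added illustration (not part of this announcement or of the RFC text), the following Python implements the RFC 5705 exporter over the TLS 1.2 PRF: the label string from the Section 3 note separates applications, and the context value is prefixed with its uint16 length as the Section 4 note specifies. The master secret, randoms and label strings are constructed sample values, not from any real session or registry.

```python
import hashlib
import hmac
import struct
from typing import Optional

def p_hash(secret: bytes, seed: bytes, length: int) -> bytes:
    """TLS 1.2 P_SHA256 expansion (RFC 5246, Section 5): A(i) = HMAC(secret, A(i-1))."""
    out, a = b"", seed
    while len(out) < length:
        a = hmac.new(secret, a, hashlib.sha256).digest()
        out += hmac.new(secret, a + seed, hashlib.sha256).digest()
    return out[:length]

def tls12_prf(secret: bytes, label: bytes, seed: bytes, length: int) -> bytes:
    """TLS 1.2 PRF(secret, label, seed) = P_SHA256(secret, label + seed)."""
    return p_hash(secret, label + seed, length)

def exporter_seed(client_random: bytes, server_random: bytes, context: Optional[bytes]) -> bytes:
    """Seed for the exporter's PRF call. A context, when present, is prefixed with its
    uint16 length (network byte order), so 'no context' and 'empty context' give
    different seeds and therefore different exported keys."""
    seed = client_random + server_random
    if context is not None:
        if len(context) > 0xFFFF:
            raise ValueError("context value longer than a uint16 length can describe")
        seed += struct.pack("!H", len(context)) + context
    return seed

def export_keying_material(master_secret: bytes, client_random: bytes, server_random: bytes,
                           label: bytes, context: Optional[bytes], length: int) -> bytes:
    """RFC 5705 exporter: PRF(master_secret, label, client_random + server_random
    [+ uint16 length + context])[length]. The label separates applications."""
    seed = exporter_seed(client_random, server_random, context)
    return tls12_prf(master_secret, label, seed, length)

# Constructed sample values (not from any real session): a 48-byte master secret
# and the two 32-byte handshake randoms a TLS 1.2 connection would hold.
MASTER_SECRET = bytes([0x11] * 48)
CLIENT_RANDOM = bytes(range(32))
SERVER_RANDOM = bytes(range(32, 64))

def demo() -> dict:
    """Export 32 bytes under two hypothetical labels and three context choices."""
    args = (MASTER_SECRET, CLIENT_RANDOM, SERVER_RANDOM)
    return {
        "label_a_no_ctx": export_keying_material(*args, b"EXPORTER-app-a", None, 32),
        "label_b_no_ctx": export_keying_material(*args, b"EXPORTER-app-b", None, 32),
        "label_a_empty_ctx": export_keying_material(*args, b"EXPORTER-app-a", b"", 32),
        "label_a_ctx": export_keying_material(*args, b"EXPORTER-app-a", b"channel-1", 32),
    }
```

All four exports in `demo()` differ, which is the point of both notes: the label keeps applications apart, and the length-prefixed context keeps "no context", an empty context and a real context apart.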