Encrypt-then-MAC for Transport Layer Security (TLS) and Datagram Transport Layer Security (DTLS)
Draft of message to be sent after approval:
From: The IESG <email@example.com> To: IETF-Announce <firstname.lastname@example.org> Cc: RFC Editor <email@example.com>, tls mailing list <firstname.lastname@example.org>, tls chair <email@example.com> Subject: Protocol Action: 'Encrypt-then-MAC for TLS and DTLS' to Proposed Standard (draft-ietf-tls-encrypt-then-mac-03.txt) The IESG has approved the following document: - 'Encrypt-then-MAC for TLS and DTLS' (draft-ietf-tls-encrypt-then-mac-03.txt) as Proposed Standard This document is the product of the Transport Layer Security Working Group. The IESG contact persons are Stephen Farrell and Kathleen Moriarty. A URL of this Internet Draft is: http://datatracker.ietf.org/doc/draft-ietf-tls-encrypt-then-mac/
Technical Summary This document defines a means to negotiate the use of encrypt-then-MAC instead of the existing MAC-then-encrypt one. WRT the existing mechanism, there are a number of identified vulnerabilities (see the references in the draft). Working Group Summary: This draft has been kicking around for a number of years and was adopted and progressed fairly quickly. There were really just two debates 1) how to do the negotiation (see sec 2.1 of the draft), and 2) whether this applied to both stream and block ciphers (ended up applying to just block). Document Quality There's a test server up and running. There's also a number of known implementations. Personnel Stephen Farrell is the responsible AD. Sean Turner is the shepherd. IANA Note Please make the relevant temporary registration permanent.