ECDHE_PSK with AES-GCM and AES-CCM Cipher Suites for TLS 1.2 and DTLS 1.2
RFC 8442
Document history
| Date | Rev. | By | Action |
|---|---|---|---|
| 2018-09-06 | 05 | (System) | Received changes through RFC Editor sync (created alias RFC 8442, changed title to 'ECDHE_PSK with AES-GCM and AES-CCM Cipher Suites for TLS 1.2 and DTLS 1.2', changed abstract to 'This document defines several new cipher suites for version 1.2 of the Transport Layer Security (TLS) protocol and version 1.2 of the Datagram Transport Layer Security (DTLS) protocol. These cipher suites are based on the Ephemeral Elliptic Curve Diffie-Hellman with Pre-Shared Key (ECDHE_PSK) key exchange together with the Authenticated Encryption with Associated Data (AEAD) algorithms AES-GCM and AES-CCM. PSK provides light and efficient authentication, ECDHE provides forward secrecy, and AES-GCM and AES-CCM provide encryption and integrity protection.', changed standardization level to Proposed Standard, changed state to RFC, added RFC published event at 2018-09-06, changed IESG state to RFC Published) |
| 2018-09-06 | 05 | (System) | RFC published |
| 2018-09-04 | 05 | (System) | RFC Editor state changed to [AUTH48-DONE](http://www.rfc-editor.org/auth48/rfc8442) from AUTH48 |
| 2018-08-14 | 05 | Benjamin Kaduk | Shepherding AD changed to Benjamin Kaduk |
| 2018-08-04 | 05 | (System) | RFC Editor state changed to [AUTH48](http://www.rfc-editor.org/auth48/rfc8442) from RFC-EDITOR |
| 2018-06-29 | 05 | (System) | RFC Editor state changed to RFC-EDITOR from REF |
| 2018-06-18 | 05 | (System) | RFC Editor state changed to REF from EDIT |
| 2018-05-09 | 05 | (System) | RFC Editor state changed to EDIT from MISSREF |
| 2017-08-16 | 05 | (System) | IANA Action state changed to RFC-Ed-Ack from Waiting on RFC Editor |
| 2017-08-15 | 05 | (System) | IANA Action state changed to Waiting on RFC Editor from Waiting on Authors |
| 2017-08-14 | 05 | (System) | IANA Action state changed to Waiting on Authors from In Progress |
| 2017-08-14 | 05 | (System) | RFC Editor state changed to MISSREF |
| 2017-08-14 | 05 | (System) | IESG state changed to RFC Ed Queue from Approved-announcement sent |
| 2017-08-14 | 05 | (System) | Announcement was received by RFC Editor |
| 2017-08-11 | 05 | (System) | IANA Action state changed to In Progress |
| 2017-08-11 | 05 | Cindy Morgan | IESG state changed to Approved-announcement sent from Approved-announcement to be sent |
| 2017-08-11 | 05 | Cindy Morgan | IESG has approved the document |
| 2017-08-11 | 05 | Cindy Morgan | Closed "Approve" ballot |
| 2017-08-11 | 05 | Cindy Morgan | IESG state changed to Approved-announcement to be sent from Waiting for AD Go-Ahead |
| 2017-08-11 | 05 | Cindy Morgan | Ballot approval text was generated |
| 2017-08-10 | 05 | Eric Rescorla | [Ballot Position Update] Position for Eric Rescorla has been changed to No Objection from Discuss |
| 2017-08-07 | 05 | Sabrina Tanamal | IANA Review state changed to IANA OK - Actions Needed from IANA - Not OK |
| 2017-08-01 | 05 | Gunter Van de Velde | Closed request for Last Call review by OPSDIR with state 'No Response' |
| 2017-07-31 | 05 | (System) | IESG state changed to Waiting for AD Go-Ahead from In Last Call |
| 2017-07-26 | 05 | (System) | IANA Review state changed to IANA - Not OK from Version Changed - Review Needed |
| 2017-07-26 | 05 | Sabrina Tanamal | (Via drafts-lastcall@iana.org): IESG/Authors/WG Chairs: The IANA Services Operator has completed its review of draft-ietf-tls-ecdhe-psk-aead-05. If any part of this review is inaccurate, please let us know. The IANA Services Operator has a question about one of the actions requested in the IANA Considerations section of this document. The IANA Services Operator understands that, upon approval of this document, there is a single action which we must complete. In the TLS Cipher Suite Registry on the Transport Layer Security (TLS) Parameters registry page located at: https://www.iana.org/assignments/tls-parameters/ Four new cipher suites are to be registered as follows: Value: [ TBD-at-Registration } Description: TLS_ECDHE_PSK_WITH_AES_128_GCM_SHA256 DTLS-OK: { ? } See below Reference: [ RFC-to-be ] Value: [ TBD-at-Registration } Description: TLS_ECDHE_PSK_WITH_AES_256_GCM_SHA384 DTLS-OK: { ? } See below Reference: [ RFC-to-be ] Value: [ TBD-at-Registration } Description: TLS_ECDHE_PSK_WITH_AES_128_CCM_8_SHA256 DTLS-OK: { ? } See below Reference: [ RFC-to-be ] Value: [ TBD-at-Registration } Description: TLS_ECDHE_PSK_WITH_AES_128_CCM_SHA256 DTLS-OK: { ? } See below Reference: [ RFC-to-be ] IANA Question --> For each of the cipher suites above, what should the value of "DTLS-OK" be? We note that the authors have suggested the following values for the four cipher suites above: {0xD0,0x01}; {0xD0,0x02}; {0xD0,0x03}; {0xD0,0x05}; The IANA Services Operator understands that this is the only action required to be completed upon approval of this document. Note: The actions requested in this document will not be completed until the document has been approved for publication as an RFC. This message is only to confirm what actions will be performed. Thank you, Sabrina Tanamal IANA Services Specialist PTI |
| 2017-07-17 | 05 | Gunter Van de Velde | Request for Last Call review by OPSDIR is assigned to Niclas Comstedt |
| 2017-07-17 | 05 | Gunter Van de Velde | Request for Last Call review by OPSDIR is assigned to Niclas Comstedt |
| 2017-07-17 | 05 | Cindy Morgan | The following Last Call announcement was sent out (ends 2017-07-31): From: The IESG <iesg-secretary@ietf.org> To: IETF-Announce <ietf-announce@ietf.org> CC: draft-ietf-tls-ecdhe-psk-aead@ietf.org, Kathleen.Moriarty.ietf@gmail.com, Joseph Salowey <joe@salowey.net>, tls@ietf.org, joe@salowey.net, tls-chairs@ietf.org Reply-To: ietf@ietf.org Sender: <iesg-secretary@ietf.org> Subject: Last Call: <draft-ietf-tls-ecdhe-psk-aead-05.txt> (ECDHE_PSK with AES-GCM and AES-CCM Cipher Suites for Transport Layer Security (TLS) Protocol version 1.2) to Proposed Standard The IESG has received a request from the Transport Layer Security WG (tls) to consider the following document: - 'ECDHE_PSK with AES-GCM and AES-CCM Cipher Suites for Transport Layer Security (TLS) Protocol version 1.2' <draft-ietf-tls-ecdhe-psk-aead-05.txt> as Proposed Standard The IESG plans to make a decision in the next few weeks, and solicits final comments on this action. Please send substantive comments to the ietf@ietf.org mailing lists by 2017-07-31. Exceptionally, comments may be sent to iesg@ietf.org instead. In either case, please retain the beginning of the Subject line to allow automated sorting. Abstract This document defines several new cipher suites for the Transport Layer Security (TLS) protocol version 1.2. The cipher suites are all based on the Ephemeral Elliptic Curve Diffie-Hellman with Pre-Shared Key (ECDHE_PSK) key exchange together with the Authenticated Encryption with Associated Data (AEAD) algorithms AES-GCM and AES-CCM. PSK provides light and efficient authentication, ECDHE provides forward secrecy, and AES-GCM and AES-CCM provides encryption and integrity protection. The file can be obtained via https://datatracker.ietf.org/doc/draft-ietf-tls-ecdhe-psk-aead/ IESG discussion can be tracked via https://datatracker.ietf.org/doc/draft-ietf-tls-ecdhe-psk-aead/ballot/ No IPR declarations have been submitted directly on this I-D. |
| 2017-07-17 | 05 | Cindy Morgan | IESG state changed to In Last Call from Last Call Requested::AD Followup |
| 2017-07-17 | 05 | Cindy Morgan | Last call announcement was generated |
| 2017-07-17 | 05 | Eric Rescorla | Last call was requested |
| 2017-07-17 | 05 | Eric Rescorla | IESG state changed to Last Call Requested::AD Followup from IESG Evaluation::AD Followup |
| 2017-05-30 | 05 | Gunter Van de Velde | Closed request for Last Call review by OPSDIR with state 'No Response' |
| 2017-05-25 | 05 | Cindy Morgan | IESG state changed to IESG Evaluation::AD Followup from IESG Evaluation |
| 2017-05-25 | 05 | (System) | IANA Review state changed to Version Changed - Review Needed from IANA OK - Actions Needed |
| 2017-05-25 | 05 | Daniel Migault | New version available: draft-ietf-tls-ecdhe-psk-aead-05.txt |
| 2017-05-25 | 05 | (System) | New version approved |
| 2017-05-25 | 05 | (System) | Request for posting confirmation emailed to previous authors: John Mattsson <john.mattsson@ericsson.com>, Daniel Migault <daniel.migault@ericsson.com> |
| 2017-05-25 | 05 | Daniel Migault | Uploaded new revision |
| 2017-05-24 | 04 | Spencer Dawkins | [Ballot comment] Ciphersuite drafts for TLS are usually above my pay grade, but I understand most of EKR's Discuss, and agree with Adam's suggestion to change the document title to "ECDHE_PSK with AES-GCM and AES-CCM Cipher Suites for Transport Layer Security Version 1.2 (TLS 1.2)" at an absolute minimum. |
| 2017-05-24 | 04 | Spencer Dawkins | [Ballot Position Update] New position, No Objection, has been recorded for Spencer Dawkins |
| 2017-05-24 | 04 | Alia Atlas | [Ballot Position Update] New position, No Objection, has been recorded for Alia Atlas |
| 2017-05-24 | 04 | Amanda Baber | IANA Review state changed to IANA OK - Actions Needed from Version Changed - Review Needed |
| 2017-05-24 | 05 | (System) | IANA Review state changed to IANA OK - Actions Needed from Version Changed - Review Needed |
| 2017-05-24 | 04 | Alissa Cooper | [Ballot Position Update] New position, No Objection, has been recorded for Alissa Cooper |
| 2017-05-24 | 04 | Benoît Claise | [Ballot Position Update] New position, No Objection, has been recorded for Benoit Claise |
| 2017-05-23 | 04 | Ben Campbell | [Ballot comment] I support Ekr's DISCUSS position. |
| 2017-05-23 | 04 | Ben Campbell | [Ballot Position Update] New position, No Objection, has been recorded for Ben Campbell |
| 2017-05-23 | 04 | Suresh Krishnan | [Ballot Position Update] New position, No Objection, has been recorded for Suresh Krishnan |
| 2017-05-23 | 04 | Adam Roach | [Ballot comment] I agree with EKR's discuss -- specifying semantics for these ciphersuites with TLS 1.0 and 1.1 is a material change, and the proposed mechanism (in which servers are encouraged to infer 1.2 support even in the absence of explicit indication) is a bit baffling. Given the scope this document covers, I recommend adding "1.2" to the title of the document. (e.g.: "ECDHE_PSK with AES-GCM and AES-CCM Cipher Suites for Transport Layer Security Version 1.2 (TLS 1.2)") |
| 2017-05-23 | 04 | Adam Roach | [Ballot Position Update] New position, No Objection, has been recorded for Adam Roach |
| 2017-05-23 | 04 | Deborah Brungard | [Ballot Position Update] New position, No Objection, has been recorded for Deborah Brungard |
| 2017-05-22 | 04 | Eric Rescorla | [Ballot discuss] The following text appears to have been added in -04 A server receiving a ClientHello and a client_version indicating (3,1) "TLS 1.0" or (3,2) "TLS 1.1" and any of the cipher suites from this document in ClientHello.cipher_suites can safely assume that the client supports TLS 1.2 and is willing to use it. The server MUST NOT negotiate these cipher suites with TLS protocol versions earlier than TLS 1.2. Not requiring clients to indicate their support for TLS 1.2 cipher suites exclusively through ClientHello.client_hello improves the interoperability in the installed base and use of TLS 1.2 AEAD cipher suites without upsetting the installed base of version-intolerant TLS servers, results in more TLS handshakes succeeding and obviates fallback mechanisms. This is a major technical change from -03, which, AFAIK, prohibited the server from negotiating these algorithms with TLS 1.1 and below and maintained the usual TLS version 1.2 negotiation rules. This is a very material technical change. I don't consider it wise, but in any case it would absolutely need WG consensus, which I don't believe that it has given the recent introduction. The discussion of dictionary attacks here seems inferior to that in 4279. In particular, you only need to actively attack one connection to capture the data you need for a brute force attack despite the text there referring to trying "different keys". Please correct that. |
| 2017-05-22 | 04 | Eric Rescorla | [Ballot comment] The citations to TLS 1.3 still seem pretty muddled. I think you should just stop referencing and discussing 1.3. S 2. I'm not sure that the discussion of the PRF is helpful here in mandating the non-use of these cipher suites with TLS 1.1 and below. |
| 2017-05-22 | 04 | Eric Rescorla | [Ballot Position Update] New position, Discuss, has been recorded for Eric Rescorla |
| 2017-05-22 | 04 | Alvaro Retana | [Ballot Position Update] New position, No Objection, has been recorded for Alvaro Retana |
| 2017-05-22 | 04 | Kathleen Moriarty | IESG state changed to IESG Evaluation from Waiting for Writeup |
| 2017-05-22 | 04 | Alexey Melnikov | [Ballot Position Update] New position, Yes, has been recorded for Alexey Melnikov |
| 2017-05-22 | 04 | Mirja Kühlewind | [Ballot Position Update] New position, No Objection, has been recorded for Mirja Kühlewind |
| 2017-05-19 | 04 | Dan Romascanu | Request for Telechat review by GENART Completed: Ready. Reviewer: Dan Romascanu. Sent review to list. |
| 2017-05-19 | 04 | Jean Mahoney | Request for Telechat review by GENART is assigned to Dan Romascanu |
| 2017-05-19 | 04 | Jean Mahoney | Request for Telechat review by GENART is assigned to Dan Romascanu |
| 2017-05-19 | 04 | (System) | IANA Review state changed to Version Changed - Review Needed from IANA - Not OK |
| 2017-05-19 | 04 | Daniel Migault | New version available: draft-ietf-tls-ecdhe-psk-aead-04.txt |
| 2017-05-19 | 04 | (System) | New version approved |
| 2017-05-19 | 04 | (System) | Request for posting confirmation emailed to previous authors: John Mattsson <john.mattsson@ericsson.com>, Daniel Migault <daniel.migault@ericsson.com>, tls-chairs@ietf.org |
| 2017-05-19 | 04 | Daniel Migault | Uploaded new revision |
| 2017-05-19 | 03 | Kathleen Moriarty | Ballot has been issued |
| 2017-05-19 | 03 | Kathleen Moriarty | [Ballot Position Update] New position, Yes, has been recorded for Kathleen Moriarty |
| 2017-05-19 | 03 | Kathleen Moriarty | Created "Approve" ballot |
| 2017-05-19 | 03 | Kathleen Moriarty | Ballot writeup was changed |
| 2017-05-18 | 03 | Benjamin Kaduk | Request for Last Call review by SECDIR Completed: Has Nits. Reviewer: Benjamin Kaduk. |
| 2017-05-18 | 03 | (System) | IESG state changed to Waiting for Writeup from In Last Call |
| 2017-05-16 | 03 | (System) | IANA Review state changed to IANA - Not OK from IANA - Review Needed |
| 2017-05-16 | 03 | Sabrina Tanamal | (Via drafts-lastcall@iana.org): IESG/Authors/WG Chairs: The IANA Services Operator has completed its review of draft-ietf-tls-ecdhe-psk-aead-03.txt. If any part of this review is inaccurate, please let us know. The IANA Services Operator has a question about one of the actions requested in the IANA Considerations section of this document. The IANA Services Operator understands that, upon approval of this document, there is a single action which we must complete. In the TLS Cipher Suite Registry on the Transport Layer Security (TLS) Parameters registry page located at: https://www.iana.org/assignments/tls-parameters/ four new cipher suites are to be registered as follows: Value: [ TBD-at-registration ] Description: TLS_ECDHE_PSK_WITH_AES_128_GCM_SHA256 DTLS-OK: Reference: [ RFC-to-be ] Value: [ TBD-at-registration ] Description: TLS_ECDHE_PSK_WITH_AES_256_GCM_SHA384 DTLS-OK: Reference: [ RFC-to-be ] Value: [ TBD-at-registration ] Description: TLS_ECDHE_PSK_WITH_AES_128_CCM_8_SHA256 DTLS-OK: Reference: [ RFC-to-be ] Value: [ TBD-at-registration ] Description: TLS_ECDHE_PSK_WITH_AES_128_CCM_SHA256 DTLS-OK: Reference: [ RFC-to-be ] IANA Question: What are the values for DTLS-OK for each of these cipher suites? We understand that the authors request specific values for these four registrations as follows: TLS_ECDHE_PSK_WITH_AES_128_GCM_SHA256 = {0xD0,0x01} TLS_ECDHE_PSK_WITH_AES_256_GCM_SHA384 = {0xD0,0x02} TLS_ECDHE_PSK_WITH_AES_128_CCM_8_SHA256 = {0xD0,0x03} TLS_ECDHE_PSK_WITH_AES_128_CCM_SHA256 = {0xD0,0x05} The IANA Services Operator understands that this is the only action required to be completed upon approval of this document. Note: The actions requested in this document will not be completed until the document has been approved for publication as an RFC. This message is only to confirm what actions will be performed. Thank you, Sabrina Tanamal IANA Services Specialist PTI |
| 2017-05-15 | 03 | Dan Romascanu | Request for Last Call review by GENART Completed: Ready with Issues. Reviewer: Dan Romascanu. Sent review to list. |
| 2017-05-11 | 03 | Tero Kivinen | Request for Last Call review by SECDIR is assigned to Benjamin Kaduk |
| 2017-05-11 | 03 | Tero Kivinen | Request for Last Call review by SECDIR is assigned to Benjamin Kaduk |
| 2017-05-09 | 03 | Jean Mahoney | Request for Last Call review by GENART is assigned to Dan Romascanu |
| 2017-05-09 | 03 | Jean Mahoney | Request for Last Call review by GENART is assigned to Dan Romascanu |
| 2017-05-09 | 03 | Gunter Van de Velde | Request for Last Call review by OPSDIR is assigned to Eric Vyncke |
| 2017-05-09 | 03 | Gunter Van de Velde | Request for Last Call review by OPSDIR is assigned to Eric Vyncke |
| 2017-05-05 | 03 | Kathleen Moriarty | Placed on agenda for telechat - 2017-05-25 |
| 2017-05-04 | 03 | Amy Vezza | IANA Review state changed to IANA - Review Needed |
| 2017-05-04 | 03 | Amy Vezza | The following Last Call announcement was sent out: From: The IESG <iesg-secretary@ietf.org> To: IETF-Announce <ietf-announce@ietf.org> CC: draft-ietf-tls-ecdhe-psk-aead@ietf.org, Kathleen.Moriarty.ietf@gmail.com, Joseph Salowey <joe@salowey.net>, tls@ietf.org, joe@salowey.net, tls-chairs@ietf.org Reply-To: ietf@ietf.org Sender: <iesg-secretary@ietf.org> Subject: Last Call: <draft-ietf-tls-ecdhe-psk-aead-03.txt> (ECDHE_PSK with AES-GCM and AES-CCM Cipher Suites for Transport Layer Security (TLS)) to Proposed Standard The IESG has received a request from the Transport Layer Security WG (tls) to consider the following document: - 'ECDHE_PSK with AES-GCM and AES-CCM Cipher Suites for Transport Layer Security (TLS)' <draft-ietf-tls-ecdhe-psk-aead-03.txt> as Proposed Standard The IESG plans to make a decision in the next few weeks, and solicits final comments on this action. Please send substantive comments to the ietf@ietf.org mailing lists by 2017-05-18. Exceptionally, comments may be sent to iesg@ietf.org instead. In either case, please retain the beginning of the Subject line to allow automated sorting. Abstract This document defines several new cipher suites for the Transport Layer Security (TLS) protocol. The cipher suites are all based on the Ephemeral Elliptic Curve Diffie-Hellman with Pre-Shared Key (ECDHE_PSK) key exchange together with the Authenticated Encryption with Associated Data (AEAD) algorithms AES-GCM and AES-CCM. PSK provides light and efficient authentication, ECDHE provides perfect forward secrecy, and AES-GCM and AES-CCM provides encryption and integrity protection. The file can be obtained via https://datatracker.ietf.org/doc/draft-ietf-tls-ecdhe-psk-aead/ IESG discussion can be tracked via https://datatracker.ietf.org/doc/draft-ietf-tls-ecdhe-psk-aead/ballot/ No IPR declarations have been submitted directly on this I-D. |
| 2017-05-04 | 03 | Amy Vezza | IESG state changed to In Last Call from Last Call Requested |
| 2017-05-04 | 03 | Kathleen Moriarty | Last call was requested |
| 2017-05-04 | 03 | Kathleen Moriarty | Ballot approval text was generated |
| 2017-05-04 | 03 | Kathleen Moriarty | Ballot writeup was generated |
| 2017-05-04 | 03 | Kathleen Moriarty | IESG state changed to Last Call Requested from AD Evaluation |
| 2017-05-04 | 03 | Kathleen Moriarty | Last call announcement was generated |
| 2017-05-04 | 03 | Daniel Migault | New version available: draft-ietf-tls-ecdhe-psk-aead-03.txt |
| 2017-05-04 | 03 | (System) | New version approved |
| 2017-05-04 | 03 | (System) | Request for posting confirmation emailed to previous authors: John Mattsson <john.mattsson@ericsson.com>, tls-chairs@ietf.org |
| 2017-05-04 | 03 | Daniel Migault | Uploaded new revision |
| 2017-05-01 | 02 | Kathleen Moriarty | IESG state changed to AD Evaluation from Publication Requested |
| 2017-04-28 | 02 | Joseph Salowey | (1) What type of RFC is being requested (BCP, Proposed Standard, Internet Standard, Informational, Experimental, or Historic)? Why is this the proper type of RFC? Is this type of RFC indicated in the title page header? This draft is intended for Proposed Standard as indicated in the title page header as well as in the data tracker. (2) The IESG approval announcement includes a Document Announcement Write-Up. Please provide such a Document Announcement Write-Up. Recent examples can be found in the "Action" announcements for approved documents. The approval announcement contains the following sections: Technical Summary This document defines several new cipher suites for the Transport Layer Security (TLS) protocol. The cipher suites are all based on the Ephemeral Elliptic Curve Diffie-Hellman with Pre-Shared Key (ECDHE_PSK) key exchange together with the Authenticated Encryption with Associated Data (AEAD) algorithms AES-GCM and AES-CCM. PSK provides light and efficient authentication, ECDHE provides perfect forward secrecy, and AES-GCM and AES-CCM provides encryption and integrity protection. Working Group Summary There is general support for this document in the working group. The main issues focused around trimming down the list of cipher suites to the minimum number required. Document Quality The document has been reviewed by the TLS working group. Personnel Joseph Salowey is the Document Shepherd. Kathleen Moriarty is the responsible AD. (3) Briefly describe the review of this document that was performed by the Document Shepherd. If this version of the document is not ready for publication, please explain why the document is being forwarded to the IESG. This version of the draft is ready for publication. (4) Does the document Shepherd have any concerns about the depth or breadth of the reviews that have been performed? There are no concerns about the breadth or depth of the reviews. (5) Do portions of the document need review from a particular or from broader perspective, e.g., security, operational complexity, AAA, DNS, DHCP, XML, or internationalization? If so, describe the review that took place. No portions of the document need review from a particular or from broader perspective. (6) Describe any specific concerns or issues that the Document Shepherd has with this document that the Responsible Area Director and/or the IESG should be aware of? For example, perhaps he or she is uncomfortable with certain parts of the document, or has concerns whether there really is a need for it. In any event, if the WG has discussed those issues and has indicated that it still wishes to advance the document, detail those concerns here. No Specific concerns (7) Has each author confirmed that any and all appropriate IPR disclosures required for full conformance with the provisions of BCP 78 and BCP 79 have already been filed. If not, explain why. Yes. (8) Has an IPR disclosure been filed that references this document? If so, summarize any WG discussion and conclusion regarding the IPR disclosures. No IPR disclosures have been filed (9) How solid is the WG consensus behind this document? Does it represent the strong concurrence of a few individuals, with others being silent, or does the WG as a whole understand and agree with it? This document has working group consensus (10) Has anyone threatened an appeal or otherwise indicated extreme discontent? If so, please summarise the areas of conflict in separate email messages to the Responsible Area Director. (It should be in a separate email because this questionnaire is publicly available.) There are no known threats of appeal. (11) Identify any ID nits the Document Shepherd has found in this document. (See https://www.ietf.org/tools/idnits/ and the Internet-Drafts Checklist). Boilerplate checks are not enough; this check needs to be thorough. No Known Nits (12) Describe how the document meets any required formal review criteria, such as the MIB Doctor, media type, and URI type reviews. N/A (13) Have all references within this document been identified as either normative or informative? Yes (14) Are there normative references to documents that are not ready for advancement or are otherwise in an unclear state? If such normative references exist, what is the plan for their completion? There are references to TLS 1.3 and RFC 4492bis. These documents are either progressing or will progress soon. (15) Are there downward normative references (see RFC 3967)? If so, list these downward references to support the Area Director in the Last Call procedure. NA (16) Will publication of this document change the status of any existing RFCs? Are those RFCs listed on the title page header, listed in the abstract, and discussed in the introduction? If the RFCs are not listed in the Abstract and Introduction, explain why, and point to the part of the document where the relationship of this document to the other RFCs is discussed. If this information is not in the document, explain why the WG considers it unnecessary. NA (17) Describe the Document Shepherd's review of the IANA considerations section, especially with regard to its consistency with the body of the document. Confirm that all protocol extensions that the document makes are associated with the appropriate reservations in IANA registries. Confirm that any referenced IANA registries have been clearly identified. Confirm that newly created IANA registries include a detailed specification of the initial contents for the registry, that allocations procedures for future registrations are defined, and a reasonable name for the new registry has been suggested (see RFC 5226). No New registries are created. Code points are requested for existing registries. (18) List any new IANA registries that require Expert Review for future allocations. Provide any public guidance that the IESG would find useful in selecting the IANA Experts for these new registries. NA (19) Describe reviews and automated checks performed by the Document Shepherd to validate sections of the document written in a formal language, such as XML code, BNF rules, MIB definitions, etc. NA |
| 2017-04-28 | 02 | Joseph Salowey | Responsible AD changed to Kathleen Moriarty |
| 2017-04-28 | 02 | Joseph Salowey | IETF WG state changed to Submitted to IESG for Publication from WG Consensus: Waiting for Write-Up |
| 2017-04-28 | 02 | Joseph Salowey | IESG state changed to Publication Requested |
| 2017-04-28 | 02 | Joseph Salowey | IESG process started in state Publication Requested |
| 2017-04-28 | 02 | Joseph Salowey | Tag Doc Shepherd Follow-up Underway cleared. |
| 2017-04-13 | 02 | Joseph Salowey | Changed document writeup |
| 2017-04-12 | 02 | Joseph Salowey | Tag Revised I-D Needed - Issue raised by WGLC cleared. |
| 2017-04-12 | 02 | Joseph Salowey | IETF WG state changed to WG Consensus: Waiting for Write-Up from Waiting for WG Chair Go-Ahead |
| 2017-04-11 | 02 | Daniel Migault | New version available: draft-ietf-tls-ecdhe-psk-aead-02.txt |
| 2017-04-11 | 02 | (System) | New version approved |
| 2017-04-11 | 02 | (System) | Request for posting confirmation emailed to previous authors: John Mattsson <john.mattsson@ericsson.com>, Daniel Migault <daniel.migault@ericsson.com>, tls-chairs@ietf.org |
| 2017-04-11 | 02 | Daniel Migault | Uploaded new revision |
| 2017-04-07 | 01 | Sean Turner | Notification list changed to Joseph Salowey <joe@salowey.net> |
| 2017-04-07 | 01 | Sean Turner | Document shepherd changed to Joseph A. Salowey |
| 2017-03-22 | 01 | Joseph Salowey | Tags Revised I-D Needed - Issue raised by WGLC, Doc Shepherd Follow-up Underway set. |
| 2017-03-22 | 01 | Joseph Salowey | IETF WG state changed to Waiting for WG Chair Go-Ahead from In WG Last Call |
| 2016-11-22 | 01 | Sean Turner | This document now replaces draft-mattsson-tls-ecdhe-psk-aead instead of None |
| 2016-11-22 | 01 | Sean Turner | WGLC ends 20161209. |
| 2016-11-22 | 01 | Sean Turner | IETF WG state changed to In WG Last Call from WG Document |
| 2016-11-22 | 01 | Sean Turner | Changed consensus to Yes from Unknown |
| 2016-11-22 | 01 | Sean Turner | Intended Status changed to Proposed Standard from None |
| 2016-11-13 | 01 | Daniel Migault | New version available: draft-ietf-tls-ecdhe-psk-aead-01.txt |
| 2016-11-13 | 01 | (System) | New version approved |
| 2016-11-13 | 01 | (System) | Request for posting confirmation emailed to previous authors: "John Mattsson" <john.mattsson@ericsson.com>, "Daniel Migault" <daniel.migault@ericsson.com>, tls-chairs@ietf.org |
| 2016-11-13 | 01 | Daniel Migault | Uploaded new revision |
| 2016-05-27 | 00 | Daniel Migault | New version available: draft-ietf-tls-ecdhe-psk-aead-00.txt |