Skip to main content

ECDHE_PSK with AES-GCM and AES-CCM Cipher Suites for TLS 1.2 and DTLS 1.2
RFC 8442

Revision differences

Document history

Date Rev. By Action
2018-09-06
05 (System)
Received changes through RFC Editor sync (created alias RFC 8442, changed title to 'ECDHE_PSK with AES-GCM and AES-CCM Cipher Suites for TLS 1.2 and …
Received changes through RFC Editor sync (created alias RFC 8442, changed title to 'ECDHE_PSK with AES-GCM and AES-CCM Cipher Suites for TLS 1.2 and DTLS 1.2', changed abstract to 'This document defines several new cipher suites for version 1.2 of the Transport Layer Security (TLS) protocol and version 1.2 of the Datagram Transport Layer Security (DTLS) protocol.  These cipher suites are based on the Ephemeral Elliptic Curve Diffie-Hellman with Pre-Shared Key (ECDHE_PSK) key exchange together with the Authenticated Encryption with Associated Data (AEAD) algorithms AES-GCM and AES-CCM.  PSK provides light and efficient authentication, ECDHE provides forward secrecy, and AES-GCM and AES-CCM provide encryption and integrity protection.', changed standardization level to Proposed Standard, changed state to RFC, added RFC published event at 2018-09-06, changed IESG state to RFC Published)
2018-09-06
05 (System) RFC published
2018-09-04
05 (System) RFC Editor state changed to <a href="http://www.rfc-editor.org/auth48/rfc8442">AUTH48-DONE</a> from AUTH48
2018-08-14
05 Benjamin Kaduk Shepherding AD changed to Benjamin Kaduk
2018-08-04
05 (System) RFC Editor state changed to <a href="http://www.rfc-editor.org/auth48/rfc8442">AUTH48</a> from RFC-EDITOR
2018-06-29
05 (System) RFC Editor state changed to RFC-EDITOR from REF
2018-06-18
05 (System) RFC Editor state changed to REF from EDIT
2018-05-09
05 (System) RFC Editor state changed to EDIT from MISSREF
2017-08-16
05 (System) IANA Action state changed to RFC-Ed-Ack from Waiting on RFC Editor
2017-08-15
05 (System) IANA Action state changed to Waiting on RFC Editor from Waiting on Authors
2017-08-14
05 (System) IANA Action state changed to Waiting on Authors from In Progress
2017-08-14
05 (System) RFC Editor state changed to MISSREF
2017-08-14
05 (System) IESG state changed to RFC Ed Queue from Approved-announcement sent
2017-08-14
05 (System) Announcement was received by RFC Editor
2017-08-11
05 (System) IANA Action state changed to In Progress
2017-08-11
05 Cindy Morgan IESG state changed to Approved-announcement sent from Approved-announcement to be sent
2017-08-11
05 Cindy Morgan IESG has approved the document
2017-08-11
05 Cindy Morgan Closed "Approve" ballot
2017-08-11
05 Cindy Morgan IESG state changed to Approved-announcement to be sent from Waiting for AD Go-Ahead
2017-08-11
05 Cindy Morgan Ballot approval text was generated
2017-08-10
05 Eric Rescorla [Ballot Position Update] Position for Eric Rescorla has been changed to No Objection from Discuss
2017-08-07
05 Sabrina Tanamal IANA Review state changed to IANA OK - Actions Needed from IANA - Not OK
2017-08-01
05 Gunter Van de Velde Closed request for Last Call review by OPSDIR with state 'No Response'
2017-07-31
05 (System) IESG state changed to Waiting for AD Go-Ahead from In Last Call
2017-07-26
05 (System) IANA Review state changed to IANA - Not OK from Version Changed - Review Needed
2017-07-26
05 Sabrina Tanamal
(Via drafts-lastcall@iana.org): IESG/Authors/WG Chairs:

The IANA Services Operator has completed its review of draft-ietf-tls-ecdhe-psk-aead-05. If any part of this review is inaccurate, please let …
(Via drafts-lastcall@iana.org): IESG/Authors/WG Chairs:

The IANA Services Operator has completed its review of draft-ietf-tls-ecdhe-psk-aead-05. If any part of this review is inaccurate, please let us know.

The IANA Services Operator has a question about one of the actions requested in the IANA Considerations section of this document.

The IANA Services Operator understands that, upon approval of this document, there is a single action which we must complete.

In the TLS Cipher Suite Registry on the Transport Layer Security (TLS) Parameters registry page located at:

https://www.iana.org/assignments/tls-parameters/

Four new cipher suites are to be registered as follows:

Value: [ TBD-at-Registration }
Description: TLS_ECDHE_PSK_WITH_AES_128_GCM_SHA256
DTLS-OK: { ? } See below
Reference: [ RFC-to-be ]

Value: [ TBD-at-Registration }
Description: TLS_ECDHE_PSK_WITH_AES_256_GCM_SHA384
DTLS-OK: { ? } See below
Reference: [ RFC-to-be ]

Value: [ TBD-at-Registration }
Description: TLS_ECDHE_PSK_WITH_AES_128_CCM_8_SHA256
DTLS-OK: { ? } See below
Reference: [ RFC-to-be ]

Value: [ TBD-at-Registration }
Description: TLS_ECDHE_PSK_WITH_AES_128_CCM_SHA256
DTLS-OK: { ? } See below
Reference: [ RFC-to-be ]

IANA Question --> For each of the cipher suites above, what should the value of "DTLS-OK" be?

We note that the authors have suggested the following values for the four cipher suites above:

{0xD0,0x01};
{0xD0,0x02};
{0xD0,0x03};
{0xD0,0x05};

The IANA Services Operator understands that this is the only action required to be completed upon approval of this document.

Note:  The actions requested in this document will not be completed until the document has been approved for publication as an RFC. This message is only to confirm what actions will be performed.


Thank you,

Sabrina Tanamal
IANA Services Specialist
PTI
2017-07-17
05 Gunter Van de Velde Request for Last Call review by OPSDIR is assigned to Niclas Comstedt
2017-07-17
05 Gunter Van de Velde Request for Last Call review by OPSDIR is assigned to Niclas Comstedt
2017-07-17
05 Cindy Morgan
The following Last Call announcement was sent out (ends 2017-07-31):<br><br>From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
CC: draft-ietf-tls-ecdhe-psk-aead@ietf.org, Kathleen.Moriarty.ietf@gmail.com, …
The following Last Call announcement was sent out (ends 2017-07-31):<br><br>From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
CC: draft-ietf-tls-ecdhe-psk-aead@ietf.org, Kathleen.Moriarty.ietf@gmail.com, Joseph Salowey <joe@salowey.net>, tls@ietf.org, joe@salowey.net, tls-chairs@ietf.org
Reply-To: ietf@ietf.org
Sender: <iesg-secretary@ietf.org>
Subject: Last Call: <draft-ietf-tls-ecdhe-psk-aead-05.txt> (ECDHE_PSK with AES-GCM and AES-CCM Cipher Suites for Transport Layer Security (TLS) Protocol version 1.2) to Proposed Standard


The IESG has received a request from the Transport Layer Security WG (tls) to
consider the following document: - 'ECDHE_PSK with AES-GCM and AES-CCM Cipher
Suites for Transport Layer
  Security (TLS) Protocol version 1.2'
  <draft-ietf-tls-ecdhe-psk-aead-05.txt> as Proposed Standard

The IESG plans to make a decision in the next few weeks, and solicits final
comments on this action. Please send substantive comments to the
ietf@ietf.org mailing lists by 2017-07-31. Exceptionally, comments may be
sent to iesg@ietf.org instead. In either case, please retain the beginning of
the Subject line to allow automated sorting.

Abstract


  This document defines several new cipher suites for the Transport
  Layer Security (TLS) protocol version 1.2.  The cipher suites are all
  based on the Ephemeral Elliptic Curve Diffie-Hellman with Pre-Shared
  Key (ECDHE_PSK) key exchange together with the Authenticated
  Encryption with Associated Data (AEAD) algorithms AES-GCM and AES-
  CCM.  PSK provides light and efficient authentication, ECDHE provides
  forward secrecy, and AES-GCM and AES-CCM provides encryption and
  integrity protection.




The file can be obtained via
https://datatracker.ietf.org/doc/draft-ietf-tls-ecdhe-psk-aead/

IESG discussion can be tracked via
https://datatracker.ietf.org/doc/draft-ietf-tls-ecdhe-psk-aead/ballot/


No IPR declarations have been submitted directly on this I-D.




2017-07-17
05 Cindy Morgan IESG state changed to In Last Call from Last Call Requested::AD Followup
2017-07-17
05 Cindy Morgan Last call announcement was generated
2017-07-17
05 Eric Rescorla Last call was requested
2017-07-17
05 Eric Rescorla IESG state changed to Last Call Requested::AD Followup from IESG Evaluation::AD Followup
2017-05-30
05 Gunter Van de Velde Closed request for Last Call review by OPSDIR with state 'No Response'
2017-05-25
05 Cindy Morgan IESG state changed to IESG Evaluation::AD Followup from IESG Evaluation
2017-05-25
05 (System) IANA Review state changed to Version Changed - Review Needed from IANA OK - Actions Needed
2017-05-25
05 Daniel Migault New version available: draft-ietf-tls-ecdhe-psk-aead-05.txt
2017-05-25
05 (System) New version approved
2017-05-25
05 (System) Request for posting confirmation emailed to previous authors: John Mattsson <john.mattsson@ericsson.com>, Daniel Migault <daniel.migault@ericsson.com>
2017-05-25
05 Daniel Migault Uploaded new revision
2017-05-24
04 Spencer Dawkins
[Ballot comment]
Ciphersuite drafts for TLS are usually above my pay grade, but I understand most of EKR's Discuss, and agree with Adam's suggestion to …
[Ballot comment]
Ciphersuite drafts for TLS are usually above my pay grade, but I understand most of EKR's Discuss, and agree with Adam's suggestion to change the document title to "ECDHE_PSK with AES-GCM and AES-CCM Cipher Suites for Transport Layer Security Version 1.2 (TLS 1.2)" at an absolute minimum.
2017-05-24
04 Spencer Dawkins [Ballot Position Update] New position, No Objection, has been recorded for Spencer Dawkins
2017-05-24
04 Alia Atlas [Ballot Position Update] New position, No Objection, has been recorded for Alia Atlas
2017-05-24
04 Amanda Baber IANA Review state changed to IANA OK - Actions Needed from Version Changed - Review Needed
2017-05-24
05 (System) IANA Review state changed to IANA OK - Actions Needed from Version Changed - Review Needed
2017-05-24
04 Alissa Cooper [Ballot Position Update] New position, No Objection, has been recorded for Alissa Cooper
2017-05-24
04 Benoît Claise [Ballot Position Update] New position, No Objection, has been recorded for Benoit Claise
2017-05-23
04 Ben Campbell [Ballot comment]
I support Ekr's DISCUSS position.
2017-05-23
04 Ben Campbell [Ballot Position Update] New position, No Objection, has been recorded for Ben Campbell
2017-05-23
04 Suresh Krishnan [Ballot Position Update] New position, No Objection, has been recorded for Suresh Krishnan
2017-05-23
04 Adam Roach
[Ballot comment]
I agree with EKR's discuss -- specifying semantics for these ciphersuites with TLS 1.0 and 1.1 is a material change, and the proposed …
[Ballot comment]
I agree with EKR's discuss -- specifying semantics for these ciphersuites with TLS 1.0 and 1.1 is a material change, and the proposed mechanism (in which servers are encouraged to infer 1.2 support even in the absence of explicit indication) is a bit baffling.

Given the scope this document covers, I recommend adding "1.2" to the title of the document. (e.g.: "ECDHE_PSK with AES-GCM and AES-CCM Cipher Suites for Transport Layer Security Version 1.2 (TLS 1.2)")
2017-05-23
04 Adam Roach [Ballot Position Update] New position, No Objection, has been recorded for Adam Roach
2017-05-23
04 Deborah Brungard [Ballot Position Update] New position, No Objection, has been recorded for Deborah Brungard
2017-05-22
04 Eric Rescorla
[Ballot discuss]
The following text appears to have been added in -04

  A server receiving a ClientHello and a client_version indicating
  (3,1) "TLS …
[Ballot discuss]
The following text appears to have been added in -04

  A server receiving a ClientHello and a client_version indicating
  (3,1) "TLS 1.0" or (3,2) "TLS 1.1" and any of the cipher suites from
  this document in ClientHello.cipher_suites can safely assume that the
  client supports TLS 1.2 and is willing to use it.  The server MUST
  NOT negotiate these cipher suites with TLS protocol versions earlier
  than TLS 1.2.  Not requiring clients to indicate their support for
  TLS 1.2 cipher suites exclusively through ClientHello.client_hello
  improves the interoperability in the installed base and use of TLS
  1.2 AEAD cipher suites without upsetting the installed base of
  version-intolerant TLS servers, results in more TLS handshakes
  succeeding and obviates fallback mechanisms.

This is a major technical change from -03, which, AFAIK, prohibited
the server from negotiating these algorithms with TLS 1.1 and below
and maintained the usual TLS version 1.2 negotiation rules.

This is a very material technical change. I don't consider it wise,
but in any case it would absolutely need WG consensus, which I
don't believe that it has given the recent introduction.

The discussion of dictionary attacks here seems inferior to that
in 4279. In particular, you only need to actively attack one
connection to capture the data you need for a brute force attack
despite the text there referring to trying "different keys".
Please correct that.
2017-05-22
04 Eric Rescorla
[Ballot comment]
The citations to TLS 1.3 still seem pretty muddled. I think you
should just stop referencing and discussing 1.3.

S 2.
I'm not …
[Ballot comment]
The citations to TLS 1.3 still seem pretty muddled. I think you
should just stop referencing and discussing 1.3.

S 2.
I'm not sure that the discussion of the PRF is helpful here in
mandating the non-use of these cipher suites with TLS 1.1 and
below.
2017-05-22
04 Eric Rescorla [Ballot Position Update] New position, Discuss, has been recorded for Eric Rescorla
2017-05-22
04 Alvaro Retana [Ballot Position Update] New position, No Objection, has been recorded for Alvaro Retana
2017-05-22
04 Kathleen Moriarty IESG state changed to IESG Evaluation from Waiting for Writeup
2017-05-22
04 Alexey Melnikov [Ballot Position Update] New position, Yes, has been recorded for Alexey Melnikov
2017-05-22
04 Mirja Kühlewind [Ballot Position Update] New position, No Objection, has been recorded for Mirja Kühlewind
2017-05-19
04 Dan Romascanu Request for Telechat review by GENART Completed: Ready. Reviewer: Dan Romascanu. Sent review to list.
2017-05-19
04 Jean Mahoney Request for Telechat review by GENART is assigned to Dan Romascanu
2017-05-19
04 Jean Mahoney Request for Telechat review by GENART is assigned to Dan Romascanu
2017-05-19
04 (System) IANA Review state changed to Version Changed - Review Needed from IANA - Not OK
2017-05-19
04 Daniel Migault New version available: draft-ietf-tls-ecdhe-psk-aead-04.txt
2017-05-19
04 (System) New version approved
2017-05-19
04 (System) Request for posting confirmation emailed to previous authors: John Mattsson <john.mattsson@ericsson.com>, Daniel Migault <daniel.migault@ericsson.com>, tls-chairs@ietf.org
2017-05-19
04 Daniel Migault Uploaded new revision
2017-05-19
03 Kathleen Moriarty Ballot has been issued
2017-05-19
03 Kathleen Moriarty [Ballot Position Update] New position, Yes, has been recorded for Kathleen Moriarty
2017-05-19
03 Kathleen Moriarty Created "Approve" ballot
2017-05-19
03 Kathleen Moriarty Ballot writeup was changed
2017-05-18
03 Benjamin Kaduk Request for Last Call review by SECDIR Completed: Has Nits. Reviewer: Benjamin Kaduk.
2017-05-18
03 (System) IESG state changed to Waiting for Writeup from In Last Call
2017-05-16
03 (System) IANA Review state changed to IANA - Not OK from IANA - Review Needed
2017-05-16
03 Sabrina Tanamal
(Via drafts-lastcall@iana.org): IESG/Authors/WG Chairs:

The IANA Services Operator has completed its review of draft-ietf-tls-ecdhe-psk-aead-03.txt. If any part of this review is inaccurate, please let …
(Via drafts-lastcall@iana.org): IESG/Authors/WG Chairs:

The IANA Services Operator has completed its review of draft-ietf-tls-ecdhe-psk-aead-03.txt. If any part of this review is inaccurate, please let us know.

The IANA Services Operator has a question about one of the actions requested in the IANA Considerations section of this document.

The IANA Services Operator understands that, upon approval of this document, there is a single action which we must complete.

In the TLS Cipher Suite Registry on the Transport Layer Security (TLS) Parameters registry page located at:

https://www.iana.org/assignments/tls-parameters/

four new cipher suites are to be registered as follows:

Value: [ TBD-at-registration ]
Description: TLS_ECDHE_PSK_WITH_AES_128_GCM_SHA256
DTLS-OK:
Reference: [ RFC-to-be ]

Value: [ TBD-at-registration ]
Description: TLS_ECDHE_PSK_WITH_AES_256_GCM_SHA384
DTLS-OK:
Reference: [ RFC-to-be ]

Value: [ TBD-at-registration ]
Description: TLS_ECDHE_PSK_WITH_AES_128_CCM_8_SHA256
DTLS-OK:
Reference: [ RFC-to-be ]

Value: [ TBD-at-registration ]
Description: TLS_ECDHE_PSK_WITH_AES_128_CCM_SHA256
DTLS-OK:
Reference: [ RFC-to-be ]

IANA Question: What are the values for DTLS-OK for each of these cipher suites?

We understand that the authors request specific values for these four registrations as follows:

TLS_ECDHE_PSK_WITH_AES_128_GCM_SHA256 = {0xD0,0x01}
TLS_ECDHE_PSK_WITH_AES_256_GCM_SHA384 = {0xD0,0x02}
TLS_ECDHE_PSK_WITH_AES_128_CCM_8_SHA256 = {0xD0,0x03}
TLS_ECDHE_PSK_WITH_AES_128_CCM_SHA256 = {0xD0,0x05}

The IANA Services Operator understands that this is the only action required to be completed upon approval of this document.

Note:  The actions requested in this document will not be completed until the document has been approved for publication as an RFC. This message is only to confirm what actions will be performed.

Thank you,

Sabrina Tanamal
IANA Services Specialist
PTI
2017-05-15
03 Dan Romascanu Request for Last Call review by GENART Completed: Ready with Issues. Reviewer: Dan Romascanu. Sent review to list.
2017-05-11
03 Tero Kivinen Request for Last Call review by SECDIR is assigned to Benjamin Kaduk
2017-05-11
03 Tero Kivinen Request for Last Call review by SECDIR is assigned to Benjamin Kaduk
2017-05-09
03 Jean Mahoney Request for Last Call review by GENART is assigned to Dan Romascanu
2017-05-09
03 Jean Mahoney Request for Last Call review by GENART is assigned to Dan Romascanu
2017-05-09
03 Gunter Van de Velde Request for Last Call review by OPSDIR is assigned to Eric Vyncke
2017-05-09
03 Gunter Van de Velde Request for Last Call review by OPSDIR is assigned to Eric Vyncke
2017-05-05
03 Kathleen Moriarty Placed on agenda for telechat - 2017-05-25
2017-05-04
03 Amy Vezza IANA Review state changed to IANA - Review Needed
2017-05-04
03 Amy Vezza
The following Last Call announcement was sent out:<br><br>From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
CC: draft-ietf-tls-ecdhe-psk-aead@ietf.org, Kathleen.Moriarty.ietf@gmail.com, Joseph Salowey …
The following Last Call announcement was sent out:<br><br>From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
CC: draft-ietf-tls-ecdhe-psk-aead@ietf.org, Kathleen.Moriarty.ietf@gmail.com, Joseph Salowey <joe@salowey.net>, tls@ietf.org, joe@salowey.net, tls-chairs@ietf.org
Reply-To: ietf@ietf.org
Sender: <iesg-secretary@ietf.org>
Subject: Last Call: <draft-ietf-tls-ecdhe-psk-aead-03.txt> (ECDHE_PSK with AES-GCM and AES-CCM Cipher Suites for Transport Layer Security (TLS)) to Proposed Standard


The IESG has received a request from the Transport Layer Security WG
(tls) to consider the following document:
- 'ECDHE_PSK with AES-GCM and AES-CCM Cipher Suites for Transport Layer
  Security (TLS)'
  <draft-ietf-tls-ecdhe-psk-aead-03.txt> as Proposed Standard

The IESG plans to make a decision in the next few weeks, and solicits
final comments on this action. Please send substantive comments to the
ietf@ietf.org mailing lists by 2017-05-18. Exceptionally, comments may be
sent to iesg@ietf.org instead. In either case, please retain the
beginning of the Subject line to allow automated sorting.

Abstract


  This document defines several new cipher suites for the Transport
  Layer Security (TLS) protocol.  The cipher suites are all based on
  the Ephemeral Elliptic Curve Diffie-Hellman with Pre-Shared Key
  (ECDHE_PSK) key exchange together with the Authenticated Encryption
  with Associated Data (AEAD) algorithms AES-GCM and AES-CCM.  PSK
  provides light and efficient authentication, ECDHE provides perfect
  forward secrecy, and AES-GCM and AES-CCM provides encryption and
  integrity protection.




The file can be obtained via
https://datatracker.ietf.org/doc/draft-ietf-tls-ecdhe-psk-aead/

IESG discussion can be tracked via
https://datatracker.ietf.org/doc/draft-ietf-tls-ecdhe-psk-aead/ballot/


No IPR declarations have been submitted directly on this I-D.




2017-05-04
03 Amy Vezza IESG state changed to In Last Call from Last Call Requested
2017-05-04
03 Kathleen Moriarty Last call was requested
2017-05-04
03 Kathleen Moriarty Ballot approval text was generated
2017-05-04
03 Kathleen Moriarty Ballot writeup was generated
2017-05-04
03 Kathleen Moriarty IESG state changed to Last Call Requested from AD Evaluation
2017-05-04
03 Kathleen Moriarty Last call announcement was generated
2017-05-04
03 Daniel Migault New version available: draft-ietf-tls-ecdhe-psk-aead-03.txt
2017-05-04
03 (System) New version approved
2017-05-04
03 (System) Request for posting confirmation emailed to previous authors: John Mattsson <john.mattsson@ericsson.com>, tls-chairs@ietf.org
2017-05-04
03 Daniel Migault Uploaded new revision
2017-05-01
02 Kathleen Moriarty IESG state changed to AD Evaluation from Publication Requested
2017-04-28
02 Joseph Salowey
---------------------

(1) What type of RFC is being requested (BCP, Proposed Standard,
Internet Standard, Informational, Experimental, or Historic)?  Why
is this the proper type of …
---------------------

(1) What type of RFC is being requested (BCP, Proposed Standard,
Internet Standard, Informational, Experimental, or Historic)?  Why
is this the proper type of RFC?  Is this type of RFC indicated in the
title page header?

This draft is intended for Proposed Standard as indicated in the title page header as well as in the data tracker.

(2) The IESG approval announcement includes a Document Announcement
Write-Up. Please provide such a Document Announcement Write-Up. Recent
examples can be found in the "Action" announcements for approved
documents. The approval announcement contains the following sections:

Technical Summary

  This document defines several new cipher suites for the Transport
  Layer Security (TLS) protocol.  The cipher suites are all based on
  the Ephemeral Elliptic Curve Diffie-Hellman with Pre-Shared Key
  (ECDHE_PSK) key exchange together with the Authenticated Encryption
  with Associated Data (AEAD) algorithms AES-GCM and AES-CCM.  PSK
  provides light and efficient authentication, ECDHE provides perfect
  forward secrecy, and AES-GCM and AES-CCM provides encryption and
  integrity protection.


Working Group Summary

There is general support for this document in the working group.  The main issues focused around trimming down the list of cipher suites to the minimum number required. 


Document Quality

The document has been review by the TLS working group. 

Personnel

  Joseph Salowey is the Document Shepherd.
  Kathleen Moriarty is the responsible AD.

(3) Briefly describe the review of this document that was performed by
the Document Shepherd.  If this version of the document is not ready
for publication, please explain why the document is being forwarded to
the IESG.

This version of the draft is ready for publication.

(4) Does the document Shepherd have any concerns about the depth or
breadth of the reviews that have been performed?

There are no concerns about the breadth or depth of the reviews.

(5) Do portions of the document need review from a particular or from
broader perspective, e.g., security, operational complexity, AAA, DNS,
DHCP, XML, or internationalization? If so, describe the review that
took place.

No portions of the document need review from a particular or from
broader perspective.

(6) Describe any specific concerns or issues that the Document Shepherd
has with this document that the Responsible Area Director and/or the
IESG should be aware of? For example, perhaps he or she is uncomfortable
with certain parts of the document, or has concerns whether there really
is a need for it. In any event, if the WG has discussed those issues and
has indicated that it still wishes to advance the document, detail those
concerns here.

No Specific concerns

(7) Has each author confirmed that any and all appropriate IPR
disclosures required for full conformance with the provisions of BCP 78
and BCP 79 have already been filed. If not, explain why.

Yes.

(8) Has an IPR disclosure been filed that references this document?
If so, summarize any WG discussion and conclusion regarding the IPR
disclosures.

No IPR disclosures have been filed

(9) How solid is the WG consensus behind this document? Does it
represent the strong concurrence of a few individuals, with others
being silent, or does the WG as a whole understand and agree with it?

This document has working group consensus

(10) Has anyone threatened an appeal or otherwise indicated extreme
discontent? If so, please summarise the areas of conflict in separate
email messages to the Responsible Area Director. (It should be in a
separate email because this questionnaire is publicly available.)

There are no known threats of appeal.

(11) Identify any ID nits the Document Shepherd has found in this
document. (See https://www.ietf.org/tools/idnits/ and the Internet-Drafts
Checklist). Boilerplate checks are not enough; this check needs to be
thorough.

No Known Nits

(12) Describe how the document meets any required formal review
criteria, such as the MIB Doctor, media type, and URI type reviews.

N/A

(13) Have all references within this document been identified as
either normative or informative?

Yes

(14) Are there normative references to documents that are not ready for
advancement or are otherwise in an unclear state? If such normative
references exist, what is the plan for their completion?

There are references to TLS 1.3 and RFC 4492bis.  These documents are other progressing or will progress soon. 

(15) Are there downward normative references references (see RFC 3967)?
If so, list these downward references to support the Area Director in
the Last Call procedure.

NA

(16) Will publication of this document change the status of any
existing RFCs? Are those RFCs listed on the title page header, listed
in the abstract, and discussed in the introduction? If the RFCs are not
listed in the Abstract and Introduction, explain why, and point to the
part of the document where the relationship of this document to the
other RFCs is discussed. If this information is not in the document,
explain why the WG considers it unnecessary.

NA

(17) Describe the Document Shepherd's review of the IANA considerations
section, especially with regard to its consistency with the body of the
document. Confirm that all protocol extensions that the document makes
are associated with the appropriate reservations in IANA registries.
Confirm that any referenced IANA registries have been clearly
identified. Confirm that newly created IANA registries include a
detailed specification of the initial contents for the registry, that
allocations procedures for future registrations are defined, and a
reasonable name for the new registry has been suggested (see RFC 5226).

No New registries are created.  Code points are requested for existing registries.

(18) List any new IANA registries that require Expert Review for future
allocations. Provide any public guidance that the IESG would find
useful in selecting the IANA Experts for these new registries.

NA

(19) Describe reviews and automated checks performed by the Document
Shepherd to validate sections of the document written in a formal
language, such as XML code, BNF rules, MIB definitions, etc.

NA
2017-04-28
02 Joseph Salowey Responsible AD changed to Kathleen Moriarty
2017-04-28
02 Joseph Salowey IETF WG state changed to Submitted to IESG for Publication from WG Consensus: Waiting for Write-Up
2017-04-28
02 Joseph Salowey IESG state changed to Publication Requested
2017-04-28
02 Joseph Salowey IESG process started in state Publication Requested
2017-04-28
02 Joseph Salowey Tag Doc Shepherd Follow-up Underway cleared.
2017-04-13
02 Joseph Salowey Changed document writeup
2017-04-12
02 Joseph Salowey Tag Revised I-D Needed - Issue raised by WGLC cleared.
2017-04-12
02 Joseph Salowey IETF WG state changed to WG Consensus: Waiting for Write-Up from Waiting for WG Chair Go-Ahead
2017-04-11
02 Daniel Migault New version available: draft-ietf-tls-ecdhe-psk-aead-02.txt
2017-04-11
02 (System) New version approved
2017-04-11
02 (System) Request for posting confirmation emailed to previous authors: John Mattsson <john.mattsson@ericsson.com>, Daniel Migault <daniel.migault@ericsson.com>, tls-chairs@ietf.org
2017-04-11
02 Daniel Migault Uploaded new revision
2017-04-07
01 Sean Turner Notification list changed to Joseph Salowey <joe@salowey.net>
2017-04-07
01 Sean Turner Document shepherd changed to Joseph A. Salowey
2017-03-22
01 Joseph Salowey Tags Revised I-D Needed - Issue raised by WGLC, Doc Shepherd Follow-up Underway set.
2017-03-22
01 Joseph Salowey IETF WG state changed to Waiting for WG Chair Go-Ahead from In WG Last Call
2016-11-22
01 Sean Turner This document now replaces draft-mattsson-tls-ecdhe-psk-aead instead of None
2016-11-22
01 Sean Turner WGLC ends 20161209.
2016-11-22
01 Sean Turner IETF WG state changed to In WG Last Call from WG Document
2016-11-22
01 Sean Turner Changed consensus to Yes from Unknown
2016-11-22
01 Sean Turner Intended Status changed to Proposed Standard from None
2016-11-13
01 Daniel Migault New version available: draft-ietf-tls-ecdhe-psk-aead-01.txt
2016-11-13
01 (System) New version approved
2016-11-13
01 (System) Request for posting confirmation emailed to previous authors: "John Mattsson" <john.mattsson@ericsson.com>, "Daniel Migault" <daniel.migault@ericsson.com>, tls-chairs@ietf.org
2016-11-13
01 Daniel Migault Uploaded new revision
2016-05-27
00 Daniel Migault New version available: draft-ietf-tls-ecdhe-psk-aead-00.txt