Skip to main content

TLS 1.3 Authentication and Integrity-Only Cipher Suites
RFC 9150

Revision differences

Document history

Date By Action
2022-04-21
(System)
Received changes through RFC Editor sync (created alias RFC 9150, changed title to 'TLS 1.3 Authentication and Integrity-Only Cipher Suites', changed abstract to 'This …
Received changes through RFC Editor sync (created alias RFC 9150, changed title to 'TLS 1.3 Authentication and Integrity-Only Cipher Suites', changed abstract to 'This document defines the use of cipher suites for TLS 1.3 based on Hashed Message Authentication Code (HMAC).  Using these cipher suites provides server and, optionally, mutual authentication and data authenticity, but not data confidentiality.  Cipher suites with these properties are not of general applicability, but there are use cases, specifically in Internet of Things (IoT) and constrained environments, that do not require confidentiality of exchanged messages while still requiring integrity protection, server authentication, and optional client authentication.  This document gives examples of such use cases, with the caveat that prior to using these integrity-only cipher suites, a threat model for the situation at hand is needed, and a threat analysis must be performed within that model to determine whether the use of integrity-only cipher suites is appropriate.  The approach described in this document is not endorsed by the IETF and does not have IETF consensus, but it is presented here to enable interoperable implementation of a reduced-security mechanism that provides authentication and message integrity without supporting confidentiality.', changed pages to 10, changed standardization level to Informational, changed state to RFC, added RFC published event at 2022-04-21, changed ISE state to Published RFC)
2022-04-21
(System) RFC published