Skip to main content

Liaison statement
Reply LS from ETSI TC CYBER to IETF Security area directors regarding “enterprise TLS”

Additional information about IETF liaison relationships is available on the IETF webpage and the Internet Architecture Board liaison webpage.
State Posted
Submitted Date 2019-01-24
From Contact Sonia Compans
To Group SEC
To Contacts Eric Rescorla <>
Benjamin Kaduk <>
Cc Benjamin Kaduk <>
The IETF Chair <>
Eric Rescorla <>
Response Contact
Purpose In response
Attachments (None)
Liaisons referred by this one Statement from the IETF SEC Area Directors regarding "enterprise TLS"
ETSI TC CYBER thanks the IETF Security Area Directors for their LS regarding
“enterprise TLS,” and expresses its interest in working with the IETF to
resolve any perceived concerns in implementing variants of Transport Layer
Security protocols in order to meet the needs of all parties.

ETSI’s present TLS protocol activities are part of extensive standards
developments among multiple bodies over many years and include specifications
at link, network, transport, and application layers.  This work has resulted in
concepts and terms associated with Transport Layer Security protocols and TLS
which have been in the public domain and generic for over three decades.  
ETSI’s involvement has encompassed both its own native work, as well as
collaboration with other standards bodies.

TC CYBER’s present work on the Middlebox Security Protocol TLS implementations
stems from meeting the needs which our members bring to the Technical Committee
and began with developing Middlebox Security Protocol use cases.  Those use
cases included a variety of implementation variants of TLS, with security and
privacy analysis and safeguards.  The extensive list of use cases is found in
MSP Part 1 which will be published in the near future.

One of the use cases includes enterprises running their own networks and
services whilst meeting their obligations such as audit requirements of
financial institutions, preventing malware placement, and detecting unlawful
customer data exfiltration.

TC CYBER realizes that such enterprise use cases may differ from IETF’s focus
on perfecting a Transport Layer Security protocol for end-to-end traffic
invisibility.  These invisibility objectives may be suitable for many open
network use cases that the IETF is addressing. However, a number of industry
use cases exist that require other TLS implementations which were recognized at
IETF and ETSI meetings.

The actions of TC CYBER are similar to that of other standards bodies which
have recently taken similar steps to develop diverse alternative TLS standards
for necessary use cases in the marketplace.

TC CYBER has discussed the name of Part 3 currently known as “eTLS” and to
avoid any confusion, agreed to rename Part 3 “Enterprise Transport Security
(ETS)”.  This change will be applied to the next public version.  TC CYBER also
intends to register a “well-known” URI namespace pursuant to IETF RFCs.