IETF 81 Proceedings

Introduction  |  Area, Working Goup & BoF Reports  |  Plenaries  |  Training  |  Internet Research Task Force

Transport Layer Security (tls) (WG)

Minutes  | Audio Archives  |  Jabber Logs  |  Mailing List Archives

Additional information is available at tools.ietf.org/wg/tls

Chair(s): Eric Rescorla Joseph Salowey Eric Rescorla Security Area Director(s): Stephen Farrell Sean Turner Security Area Advisor: Sean Turner Technical Advisor(s): Allison Mankin

Meeting Slides

• Agenda
• Heartbeat
• TLS-OBC
• OOB Pubkey
• DNSSEC Serialization

Internet-Drafts:

• Datagram Transport Layer Security version 1.2 (0 bytes) Failed to copy /a/www/ietf-ftp/internet-drafts/draft-ietf-tls-rfc4347-bis-06.txt
• Transport Layer Security (TLS) and Datagram Transport Layer Security (DTLS) Heartbeat Extension (0 bytes) Failed to copy /a/www/ietf-ftp/internet-drafts/draft-ietf-tls-dtls-heartbeat-03.txt

Request for Comments:

• The TLS Protocol Version 1.0 (RFC 2246) (170401 bytes) obsoleted by RFC 4346/ updated by RFC 3546,RFC 5746,RFC 6176 Failed to copy /a/www/ietf-ftp/rfc/rfc2246.txt
• Addition of Kerberos Cipher Suites to Transport Layer Security (TLS) (RFC 2712) (13763 bytes) Failed to copy /a/www/ietf-ftp/rfc/rfc2712.txt
• Upgrading to TLS Within HTTP/1.1 (RFC 2817) (27598 bytes) Updates RFC 2616 Failed to copy /a/www/ietf-ftp/rfc/rfc2817.txt
• HTTP Over TLS (RFC 2818) (15170 bytes) updated by RFC 5785 Failed to copy /a/www/ietf-ftp/rfc/rfc2818.txt
• AES Ciphersuites for TLS (RFC 3268) (13530 bytes) obsoleted by RFC 5246 Failed to copy /a/www/ietf-ftp/rfc/rfc3268.txt
• Transport Layer Security (TLS) Extensions (RFC 3546) (63437 bytes) obsoleted by RFC 4366/ Updates RFC 2246 Failed to copy /a/www/ietf-ftp/rfc/rfc3546.txt
• Transport Layer Security Protocol Compression Methods (RFC 3749) (16411 bytes) Failed to copy /a/www/ietf-ftp/rfc/rfc3749.txt
• Addition of Camellia Cipher Suites to Transport Layer Security (TLS) (RFC 4132) (13590 bytes) obsoleted by RFC 5932 Failed to copy /a/www/ietf-ftp/rfc/rfc4132.txt
• Pre-Shared Key Ciphersuites for Transport Layer Security (TLS) (RFC 4279) (32160 bytes) Failed to copy /a/www/ietf-ftp/rfc/rfc4279.txt
• The The Transport Layer Security (TLS) Protocol Version 1.1 (RFC 4346) (187041 bytes) obsoletes RFC 2246/ obsoleted by RFC 5246/ updated by RFC 4366,RFC 4680,RFC 4681,RFC 5746,RFC 6176 Failed to copy /a/www/ietf-ftp/rfc/rfc4346.txt
• Transport Layer Security (TLS) Extensions (RFC 4366) (66040 bytes) obsoletes RFC 3546/ obsoleted by RFC 5246,RFC 6066/ Updates RFC 4346/ updated by RFC 5746 Failed to copy /a/www/ietf-ftp/rfc/rfc4366.txt
• Elliptic Curve Cryptography (ECC) Cipher Suites for Transport Layer Security (TLS) (RFC 4492) (72231 bytes) updated by RFC 5246 Failed to copy /a/www/ietf-ftp/rfc/rfc4492.txt
• Pre-Shared Key (PSK) Cipher Suites with NULL Encryption for Transport Layer Security (TLS) (RFC 4785) (9550 bytes) Failed to copy /a/www/ietf-ftp/rfc/rfc4785.txt
• Using OpenPGP keys for TLS authentication (RFC 5081) (15300 bytes) obsoleted by RFC 6091 Failed to copy /a/www/ietf-ftp/rfc/rfc5081.txt
• Using the Secure Remote Password (SRP) Protocol for TLS Authentication (RFC 5054) (44445 bytes) Failed to copy /a/www/ietf-ftp/rfc/rfc5054.txt
• The Transport Layer Security (TLS) Protocol Version 1.2 (RFC 5246) (222395 bytes) obsoletes RFC 3268,RFC 4346,RFC 4366/ Updates RFC 4492/ updated by RFC 5746,RFC 5878,RFC 6176 Failed to copy /a/www/ietf-ftp/rfc/rfc5246.txt
• AES Galois Counter Mode (GCM) Cipher Suites for TLS (RFC 5288) (16468 bytes) Failed to copy /a/www/ietf-ftp/rfc/rfc5288.txt
• TLS Elliptic Curve Cipher Suites with SHA-256/384 and AES Galois Counter Mode (GCM) (RFC 5289) (12195 bytes) Failed to copy /a/www/ietf-ftp/rfc/rfc5289.txt
• DES and IDEA Cipher Suites for Transport Layer Security (TLS) (RFC 5469) (8558 bytes) Failed to copy /a/www/ietf-ftp/rfc/rfc5469.txt
• Pre-Shared Key Cipher Suites for TLS with SHA-256/384 and AES Galois Counter Mode (RFC 5487) (15537 bytes) Failed to copy /a/www/ietf-ftp/rfc/rfc5487.txt
• ECDHE_PSK Cipher Suites for Transport Layer Security (TLS) (RFC 5489) (14194 bytes) Failed to copy /a/www/ietf-ftp/rfc/rfc5489.txt
• Transport Layer Security (TLS) Renegotiation Indication Extension (RFC 5746) (33790 bytes) Updates RFC 5246,RFC 4366,RFC 4347,RFC 4346,RFC 2246 Failed to copy /a/www/ietf-ftp/rfc/rfc5746.txt
• Keying Material Exporters for Transport Layer Security (TLS) (RFC 5705) (16346 bytes) Failed to copy /a/www/ietf-ftp/rfc/rfc5705.txt
• Transport Layer Security (TLS) Extensions: Extension Definitions (RFC 6066) (55079 bytes) obsoletes RFC 4366 Failed to copy /a/www/ietf-ftp/rfc/rfc6066.txt
• Prohibiting Secure Sockets Layer (SSL) Version 2.0 (RFC 6176) (7642 bytes) Updates RFC 2246,RFC 4346,RFC 5246 Failed to copy /a/www/ietf-ftp/rfc/rfc6176.txt

Charter (as of 2011-08-18)

The TLS Working Group was established in 1996 to standardize a
'transport layer' security protocol. The working group began with SSL
version 3.0. The TLS Working Group has completed a series of
specifications that describe the Transport Layer Security protocol
versions 1.0, 1.1, and 1.2, extensions to the protocol, and new
ciphersuites to be used with TLS.

The primary goals of the WG are to maintain:
- The TLS protocol, RFC 5246;
- The DTLS protocol, draft-ietf-tls-rfc4347-bis.

Significant changes to the protocol, such as a new version 1.3, are not
within scope of the working group unless they are explicitly added to
the charter.

The secondary goals of the WG are to publish:
- Guidelines for Specifying the Use of TLS/DTLS;
- Recommendations for use of TLS (e.g., server ID);
- Extensions to TLS and DTLS; and,
- Cipher suites.

Goals and Milestones:

Done		Agreement on charter and issues in current draft.
Done		Final draft for Secure Transport Layer Protocol ('STLP')
Done		Working group 'Last Call'
Done		Submit to IESG for consideration as a Proposed Standard.
Done		First revised draft of TLS specification
Done		TSL 1.1 Specification
Done		First draft of TLS 1.2 specification, including CTR mode cipher suites
Done		First draft of specification for cipher suites with combined encryption/authentication modes
Dec 2011		Heartbeat Extension Sent to IESG