2.7.15 Transport Layer Security (tls)

NOTE: This charter is a snapshot of the 70th IETF Meeting in Vancouver, BC Canada. It may now be out-of-date.

Last Modified: 2007-04-02


Eric Rescorla <ekr@networkresonance.com>
Pasi Eronen <pasi.eronen@nokia.com>

Security Area Director(s):

Tim Polk <tim.polk@nist.gov>
Sam Hartman <hartmans-ietf@mit.edu>

Security Area Advisor:

Tim Polk <tim.polk@nist.gov>

Technical Advisor(s):

Allison Mankin <mankin@psg.com>

Mailing Lists:

General Discussion: tls@ietf.org
To Subscribe: https://www1.ietf.org/mailman/listinfo/tls
Archive: http://www.ietf.org/mail-archive/web/tls/current/index.html

Description of Working Group:

The TLS Working Group was established in 1996 to standardize a
'transport layer' security protocol. The working group began with SSL
version 3.0. The TLS Working Group has completed a series of
specifications that describe the Transport Layer Security protocol
versions 1.0 and 1.1, extensions to the protocol, and new
ciphersuites to be used with TLS.

The primary goal of the WG is to publish a revision of TLS, version
1.2, that removes the protocol's dependency on the MD5 and SHA-1 digest
algorithms, which have been either wholly or partially compromised by
recent research. The TLS WG will also work on new authenticated
encryption modes for TLS, including modes based on counter mode
encryption (CTR) and combined encryption/authentication modes, and
may define major new cipher suites for TLS for this purpose. In the
preparation of TLS 1.2, the WG will attempt to avoid gratuitous
changes to TLS 1.1.

Goals and Milestones:

Done  Agreement on charter and issues in current draft.
Done  Final draft for Secure Transport Layer Protocol ('STLP')
Done  Working group 'Last Call'
Done  Submit to IESG for consideration as a Proposed Standard.
Done  First revised draft of TLS specification
Done  TSL 1.1 Specification
Done  First draft of TLS 1.2 specification, including CTR mode cipher suites
Done  First draft of specification for cipher suites with combined encryption/authentication modes
Dec 2006  Submit specification of TLS 1.2 specification to IESG for publication as Proposed Standard
Dec 2006  Submit specification of cipher suites with combined encryption/authentication modes to IESG for publication, with at least one of these suites to be Proposed Standard


  • draft-ietf-tls-srp-14.txt
  • draft-ietf-tls-openpgp-keys-11.txt
  • draft-ietf-tls-rfc4346-bis-04.txt
  • draft-ietf-tls-ecc-new-mac-01.txt
  • draft-ietf-tls-rsa-aes-gcm-00.txt
  • draft-ietf-tls-rfc4366-bis-00.txt

    Request For Comments:

    RFC2246 PS The TLS Protocol Version 1.0
    RFC2712 PS Addition of Kerberos Cipher Suites to Transport Layer Security (TLS)
    RFC2817 PS Upgrading to TLS Within HTTP/1.1
    RFC2818 I HTTP Over TLS
    RFC3268 PS AES Ciphersuites for TLS
    RFC3546 PS Transport Layer Security (TLS) Extensions
    RFC3749 Standard Transport Layer Security Protocol Compression Methods
    RFC4132 Standard Addition of Camellia Cipher Suites to Transport Layer Security (TLS)
    RFC4279 Standard Pre-Shared Key Ciphersuites for Transport Layer Security (TLS)
    RFC4346 PS The The Transport Layer Security (TLS) Protocol Version 1.1
    RFC4366 PS Transport Layer Security (TLS) Extensions
    RFC4492 I Elliptic Curve Cryptography (ECC) Cipher Suites for Transport Layer Security (TLS)
    RFC4785 PS Pre-Shared Key (PSK) Cipher Suites with NULL Encryption for Transport Layer Security (TLS)

    Meeting Minutes


    Agenda (Eronen)
    TLS 1.2 Update (Rescorla)
    Extensions (Eronen)
    SIV (Harkins)
    ECDHE_PSK (Badra)
    TEE (Sheffer)
    TLS Extractors (Rescorla)