2.6.12 Transport Layer Security (tls)

NOTE: This charter is a snapshot of the 51st IETF Meeting in London, England. It may now be out-of-date. Last Modified: 31-Jul-01

Chair(s):

Win Treese <treese@acm.org>

Security Area Director(s):

Jeffrey Schiller <jis@mit.edu>
Marcus Leech <mleech@nortelnetworks.com>

Security Area Advisor:

Jeffrey Schiller <jis@mit.edu>

Technical Advisor(s):

Allison Mankin <mankin@isi.edu>

Mailing Lists:

General Discussion: ietf-tls@lists.certicom.com
To Subscribe: ietf-tls-request@lists.certicom.com
Archive: http://www.imc.org/ietf-tls/mail-archive

Description of Working Group:

The TLS Working Group was established in 1996 to standardize a 'transport layer' security protocol. The working group began with SSL version 3.0, and in 1999, RFC 2246, TLS Protocol Version 1.0 was published as a Proposed Standard. The working group has also published RFC 2712, Addition of Kerberos Cipher Suites to Transport Layer Security (TLS) as a Proposed Standard, and two RFCs on the use of TLS with HTTP.

The primary purpose of the working group is to advance the TLS Protocol to Internet Standard. In addition, the working group will publish documents defining new ciphersuites for use with TLS as needed.

Goals and Milestones:

Done     Agreement on charter and issues in current draft.
Done     Final draft for Secure Transport Layer Protocol ('STLP')
Done     Working group 'Last Call'
Done     Submit to IESG for consideration as a Proposed Standard.
Feb 01   First revised draft of TLS specification
Jun 01   Submit specification to IESG for consideration as Draft Standard

Internet-Drafts:
Request For Comments:

RFC       Status   Title
RFC2246   PS       The TLS Protocol Version 1.0
RFC2712   PS       Addition of Kerberos Cipher Suites to Transport Layer Security (TLS)
RFC2817   PS       Upgrading to TLS Within HTTP/1.1
RFC2818            HTTP Over TLS

Current Meeting Report

Minutes of the TLS Working Group Meeting, August, 2001

The TLS working group met on Wednesday, August 8, 2001 at 1300-1500 at the 51st IETF meeting in London. The meeting was chaired by Win Treese (treese@acm.org). Minutes by Win Treese.

Agenda

1. Review of agenda and current status (5 minutes)
2. Moving RFC 2246 to Draft Standard (10 minutes)
3. Other Proposals (30 minutes)
   TLS Extensions
      draft-ietf-tls-extensions-00.txt
   TLS Delegation Protocol
      draft-ietf-tls-delegation-01.txt
   Using SRP for TLS Authentication
      draft-ietf-tls-srp-01.txt
   Putting extensions on TLS roadmap -- what version of TLS? when?
4. CipherSuites (1 hour)
   AES Ciphersuites for TLS
      draft-ietf-tls-ciphersuite-03.txt
      draft-ietf-tls-ciphersuite-04.txt
   ECC Cipher Suites For TLS
      draft-ietf-tls-ecc-01.txt
   56-bit Export Cipher Suites For TLS
      draft-ietf-tls-56-bit-ciphersuites-01.txt
   Extensions to TLS for OpenPGP keys
      draft-ietf-tls-openpgp-01.txt
   Addition of MISTY1 to TLS
      draft-ietf-tls-misty1-01.txt
   Addition of the Camellia Encryption Algorithm to TLS
      draft-ietf-tls-camellia-01.txt
   Kerberos Cipher Suites in Transport Layer Security (TLS)
      draft-ietf-tls-kerb-00.txt
   NTRU Cipher Suites for TLS
      draft-ietf-tls-ntru-00.txt
5. Open discussion (15 minutes): should the WG undertake to define a major revision to TLS? If so, what changes should we focus on?

Discussion

Eric Rescorla (ekr@rtfm.com) has kindly agreed to work with Tim Dierks (Tim_Direrks@certicom.com) to edit RFC 2246 for advancement to Draft Standard. If you have any comments or suggestions for changes, please send them to the list or to Eric, Tim, and Win.

There was some discussion over which ciphersuites should be specified in the next version. Should AES be included? Should the mandatory ciphersuite be changed? No decisions were taken.

Simon Blake-Wilson made a brief presentation on the TLS Extensions draft (draft-ietf-tls-extensions-00.txt). Slides from the presentation are available in the IETF meeting minutes or at http://www.treese.org/ietf-tls/meetings/2001-08/index.html. Simon's presentation listed some open questions that need to be resolved, which is the next order of business for this draft.

Doug Engert said a little about the TLS Delegation Protocol draft (draft-ietf-tls-delegation-01.txt), with more discussion to follow on the mailing list.

David Taylor, author of Using SRP for TLS Authentication (ietf-tls-srp-01.txt, ftp://ftp.ietf.org/internet-drafts/ietf-tls-srp-01.txt), was unable to attend the meeting, so discussion will take place on the mailing list.

Ciphersuites

The AES ciphersuite draft without OAEP will be put forward for Proposed Standard.

There was much discussion of whether the IANA should handle ciphersuite assignments, which Treese will discuss with them. There was also quite a bit of discussion about whether patented algorithms should be given RFCs of any kind for ciphersuite identifiers.

Treese made two proposals for the handling of future ciphersuite submissions:
1. New drafts specifying export-grade ciphersuites will not be accepted for publication as working group drafts
2. New drafts should specify temporary ciphersuite identifiers from the experimental range for the initial submission

Because the authors were not present, discussion of the draft for Kerberos Cipher Suites in Transport Layer Security (TLS) (draft-ietf-tls-kerb-00.txt) was deferred to the mailing list.

Pending discussion on the mailing list, the drafts for Addition of MISTY1 to TLS (draft-ietf-tls-misty1-01.txt), Addition of the Camellia Encryption Algorithm to TLS (draft-ietf-tls-camellia-01.txt), and 56-bit Export Cipher Suites For TLS (draft-ietf-tls-56-bit-ciphersuites-01.txt) will be submitted as Informational RFCs.

The remaining drafts require further discussion on the mailing list.

Respectfully submitted,

Win Treese

Slides

Addition of MISTY1 to TLS
Extensions to TLS
NTRU Cipher Suites for TLS