headers
Internet-Drafts | 2 Jul 2003 12:57
Picon
Favicon

I-D ACTION:draft-ietf-tls-rfc2246-bis-05.txt

A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the Transport Layer Security Working Group of the IETF.

	Title		: The TLS Protocol Version 1.1
	Author(s)	: T. Dierks, E. Rescorla
	Filename	: draft-ietf-tls-rfc2246-bis-05.txt
	Pages		: 90
	Date		: 2003-7-1
	
This document specifies Version 1.0 of the Transport Layer Security
(TLS) protocol. The TLS protocol provides communications privacy over
the Internet. The protocol allows client/server applications to
communicate in a way that is designed to prevent eavesdropping,
tampering, or message forgery.

A URL for this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-ietf-tls-rfc2246-bis-05.txt

To remove yourself from the IETF Announcement list, send a message to 
ietf-announce-request with the word unsubscribe in the body of the message.

Internet-Drafts are also available by anonymous FTP. Login with the username
"anonymous" and a password of your e-mail address. After logging in,
type "cd internet-drafts" and then
	"get draft-ietf-tls-rfc2246-bis-05.txt".

A list of Internet-Drafts directories can be found in
http://www.ietf.org/shadow.html 
or ftp://ftp.ietf.org/ietf/1shadow-sites.txt
(Continue reading)

Permalink | Reply | 0 comments |
headers
badra | 9 Jul 2003 10:51
Picon
Picon

Re: Finished message in TLS/SSL


Dear,

Just a small comment to your response.

You could send the intermediate state of MD5 and SHA-1 instead of all the input data (assuming that the API used for MD5 and SHA-1 computations allows this), then you won't have to forward all of the handshake data.
I said (my last mail) that is possible when use TLS instead of SSL which has a wide use. In SSL, i must send back all exchanged handshake messages (2 to 3 Kilo octets) between the trusted CA and the server to the client (this is undesirable in wireless networks where the radio bandwidth is the bottleneck).
In addition, in the SSL classe 3 (mutual authentication), the trusted CA must also send, to the client, all handshake messages startind at ClientHello up to Verify_certificate (in SSL, the Finished and the verify_data are calculated by applying the PRF, among others parameters, to the hash of the concatenation of all handshake messages and the master_secret shared).
It becomes necessary to apply the PRF to Handshake data, known by the client and the server, needed to be protected from any change; namely the random numbers, the selected cipher_suites, the version’s protocol, acceptable certificate authorities and client certificate’s URL.
If you think that SSL 3.0 has disadvantages for your application [..]
In fact, it has disadvantages for all wireless applications namly GSM, GPRS, and Wi-Fi.
In this approach, the trusted third party can be
- the GGNS in GPRS
- the Switch or the Access Point in Wi-Fi or WLAN
- and it is the BSC in GSM

Sincerely,
Badra.
Permalink | Reply | 2 comments |
headers
Hollenbeck, Scott | 12 Jul 2003 16:30
Picon
Favicon

RE: WG Last Call: Transport Layer Security Protocol Co mpression Methods

Win,

What was the result of the WG last call for the document described below?  I
didn't receive any private comments and I didn't see anything sent to the
mailing list.

-Scott-

> -----Original Message-----
> From: Win Treese [mailto:treese <at> acm.org]
> Sent: Tuesday, June 03, 2003 1:39 AM
> To: IETF Transport Layer Security WG
> Subject: [ietf-tls] WG Last Call: Transport Layer Security Protocol
> Compression Methods
> 
> 
> 
> This is a working group Last Call for Transport Layer 
> Security Protocol
> Compression Methods (draft-ietf-tls-compression-05.txt).
> 
> Please review the draft carefully. Simple editorial comments 
> may be sent
> directly to the document author, Scott Hollenbeck 
> <shollenbeck <at> verisign.com>.
> Please send comments on substantive issues to the mailing 
> list. The Last
> Call period will run until 10 June 2003. 
> 
> This document has been proposed for the standards track.
> 
> For reference, the document is available at
> http://www.ietf.org/internet-drafts/draft-ietf-tls-compression-05.txt
> 
> Win Treese
> treese <at> acm.org
> Chair, TLS working group
Permalink | Reply | 0 comments |
headers
Win Treese | 14 Jul 2003 18:53
Picon
Favicon

RE: WG Last Call: Transport Layer Security Protocol Co mpression Methods


> What was the result of the WG last call for the document described below?  I
> didn't receive any private comments and I didn't see anything sent to the
> mailing list.
> 
> -Scott-
> 
> > -----Original Message-----
> > From: Win Treese [mailto:treese <at> acm.org]
> > Sent: Tuesday, June 03, 2003 1:39 AM
> > To: IETF Transport Layer Security WG
> > Subject: [ietf-tls] WG Last Call: Transport Layer Security Protocol
> > Compression Methods
> > 
> > 
> > 
> > This is a working group Last Call for Transport Layer 
> > Security Protocol
> > Compression Methods (draft-ietf-tls-compression-05.txt).
> > 
> > Please review the draft carefully. Simple editorial comments 
> > may be sent
> > directly to the document author, Scott Hollenbeck 
> > <shollenbeck <at> verisign.com>.
> > Please send comments on substantive issues to the mailing 
> > list. The Last
> > Call period will run until 10 June 2003. 
> > 
> > This document has been proposed for the standards track.
> > 
> > For reference, the document is available at
> > http://www.ietf.org/internet-drafts/draft-ietf-tls-compression-05.txt
> > 
> > Win Treese
> > treese <at> acm.org
> > Chair, TLS working group
Permalink | Reply | 0 comments |
headers
Win Treese | 14 Jul 2003 18:54
Picon
Favicon

RE: WG Last Call: Transport Layer Security Protocol Co mpression Methods


> Win,
> 
> What was the result of the WG last call for the document described below?  I
> didn't receive any private comments and I didn't see anything sent to the
> mailing list.

I received no comments. I'm making one last pass over it for nits before
submitting it to the IESG.

Win Treese
treese <at> acm.org
Chair, TLS working group
Permalink | Reply | 0 comments |
headers
Parag Salvi | 25 Jul 2003 03:46
Picon

SSL/TLS test tool

Hi,

I was wondering if anyone in the alias knows about any ssl/tls based testing 
tool which can be used to generate various alert messages ?

I am not in the alias so please respond directly to me. I will post the replies 
If I get them.

Thanks,
Parag Salvi
Permalink | Reply | 0 comments |

Gmane