The IESG | 2 Aug 16:21 2005
Picon

Protocol Action: 'The TLS Protocol Version 1.1' to Proposed Standard

The IESG has approved the following document:

- 'The TLS Protocol Version 1.1 '
   <draft-ietf-tls-rfc2246-bis-13.txt> as a Proposed Standard

This document is the product of the Transport Layer Security Working Group. 

The IESG contact persons are Russ Housley and Sam Hartman.

A URL of this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-ietf-tls-rfc2246-bis-13.txt

Technical Summary

  The Transport Layer Security (TLS) protocol provides
  secure communications for connection-oriented data.  A large
  number of network protocols operate over TCP or other
  connection oriented transports.  TLS provides a generic 
  security layer which allows these protocols to treat a 
  connection as an authenticated, confidential channel.  TLS 1.0
  and it's predecessor SSL are widely deployed.  TLS 1.1 is an 
  update to TLS 1.0 which clarifies some issues and fixes some
  known security problems.

Working Group Summary

  This document is a fairly minor update to TLS 1.0.  There are
  only a few technical changes, and they were fairly noncontroversial.
  No important unresolved issues were raised in Working Group Last
  Call.
(Continue reading)

Mitchell Blaser | 2 Aug 22:01 2005

Mitch Blaser is out of the office.


I will be out of the office starting  07/28/2005 and will not return until
08/08/2005.

I will respond to your message when I return.

- Mitch
Simon Blake-Wilson | 16 Aug 15:30 2005

RE: Cipher-suite specific extensions


Hi folks,

There's been very little feedback on the proposal I sent out suggesting
syntax for cipher suite specific extensions. Can I take this as meaning
that not many people care and we can move forward with the TLS extensions
and ECC documents as they are, deferring this issue to future I-Ds? If
not, please respond stating that you like my proposal, or providing
specific text for a counter proposal.

Best regards. simon

> -----Original Message-----
> From: tls-bounces <at> lists.ietf.org 
> [mailto:tls-bounces <at> lists.ietf.org] On Behalf Of Simon Blake-Wilson
> Sent: Wednesday, July 20, 2005 4:54 PM
> To: tls <at> ietf.org
> Subject: RE: [TLS] Cipher-suite specific extensions
> 
> 
> 
> Hi folks,
> 
> I thought it might be worth considering how much of a change 
> to RFC 3456-bis would be required in order to specific a 
> framework for cipher suite specific extensions. The text 
> below is an off-the-top-of-my-head attempt at some text 
> aiming to introduce support with minimal changes.
> 
> Any thoughts on whether the text below would be sufficient 
(Continue reading)

Ari Medvinsky | 16 Aug 18:02 2005
Picon

RE: Cipher-suite specific extensions


Simon,

I like your proposal, I think it makes sense. Are you planning to add
text to the ECC draft to state that the new ECC specific extension can
be sent across using the mech. below?
Thanks,

Ari Medvinsky
Program Manager 
Windows Security

-----Original Message-----
From: tls-bounces <at> lists.ietf.org [mailto:tls-bounces <at> lists.ietf.org] On
Behalf Of Simon Blake-Wilson
Sent: Tuesday, August 16, 2005 6:30 AM
To: tls <at> ietf.org
Subject: RE: [TLS] Cipher-suite specific extensions

Hi folks,

There's been very little feedback on the proposal I sent out suggesting
syntax for cipher suite specific extensions. Can I take this as meaning
that not many people care and we can move forward with the TLS
extensions and ECC documents as they are, deferring this issue to future
I-Ds? If not, please respond stating that you like my proposal, or
providing specific text for a counter proposal.

Best regards. simon

(Continue reading)

Simon Blake-Wilson | 16 Aug 20:11 2005

RE: Cipher-suite specific extensions


Hi Ari,

Yes, if the text is accepted, I would propose to rework the relevant ECC
extensions to use the CS-specific extension format.

Best regards. Simon

> -----Original Message-----
> From: Ari Medvinsky [mailto:arimed <at> windows.microsoft.com] 
> Sent: Tuesday, August 16, 2005 12:03 PM
> To: Simon Blake-Wilson; tls <at> ietf.org
> Subject: RE: [TLS] Cipher-suite specific extensions
> 
> 
> 
> Simon,
> 
> I like your proposal, I think it makes sense. Are you 
> planning to add text to the ECC draft to state that the new 
> ECC specific extension can be sent across using the mech. 
> below? Thanks,
> 
> Ari Medvinsky
> Program Manager 
> Windows Security
> 
> -----Original Message-----
> From: tls-bounces <at> lists.ietf.org 
> [mailto:tls-bounces <at> lists.ietf.org] On Behalf Of Simon Blake-Wilson
(Continue reading)

Eric Rescorla | 19 Aug 21:55 2005

AD comments on draft-ietf-tls-rfc3546bis

Can one of the authors please fix this...

X-Mailer: QUALCOMM Windows Eudora Version 6.2.1.2
Date: Fri, 19 Aug 2005 15:39:11 -0400
To: ekr <at> networkresonance.com
From: Russ Housley <housley <at> vigilsec.com>
Subject: IANA Comments: draft-ietf-tls-rfc3546bis-01.txt

Eric:

I have been waiting for these Last Call comments from IANA to be addressed.

I think that we can generate the information needed to resolve this
comment without updating the document.

I just put this document on the Telechat agenda for September 1st.  If
I do not get this information before the telechat, I will enter a
DISCUSS to hold the document until I get it.  Hopefully, it will be
very straightforward,

Russ

= = = = = = = = =

IANA Last Call Comments:
Upon approval of this document the IANA will create a new registry for
ExtensionType values.  It is not clear as to what the initial list of
values are (even after looking in section 2.3).  Can a list be put in
the IANA Consideration section of what to populate the registry with?

(Continue reading)

Hovav Shacham | 23 Aug 02:25 2005
Picon

Re: Cipher-suite specific extensions

"Simon Blake-Wilson" <sblakewilson <at> bcisse.com> writes:

> Can I take this as meaning that not many people care and we can move
> forward with the TLS extensions and ECC documents as they are,
> deferring this issue to future I-Ds?

Yes.  I support leaving the extensions document as is, without adding
ciphersuite-specific extension support.

--

-- 
Hovav Shacham                                  hovav <at> hovav.net
"Rightly looked at there is no laughable thing under the sun."
Simon Blake-Wilson | 24 Aug 19:28 2005

RE: Re: Cipher-suite specific extensions


Hi folks,

By my count the results of my informal poll on whether people support
adding cipher-suite specific extensions to the TLS extensions and ECC in
TLS docs are currently 1-1.

I don't think that shows sufficient support for making the changes to add
cipher-suite specific support so unless more people speak up I suggest we
move forward with the two documents without cipher-suite specific
extension support.

Note that this certainly does not exclude someone putting out a new I-D
specifying syntax for cipher-suite specific extensions to use to populate
extension data, as well as new extension types for cipher-suite specific
versions of existing extensions and/or new cipher-suite specific
extensions.

Any comments?

Best regards. Simon 

> -----Original Message-----
> From: tls-bounces <at> lists.ietf.org 
> [mailto:tls-bounces <at> lists.ietf.org] On Behalf Of Hovav Shacham
> Sent: Monday, August 22, 2005 8:25 PM
> To: tls <at> ietf.org
> Subject: [TLS] Re: Cipher-suite specific extensions
> 
> 
(Continue reading)

Eric Rescorla | 24 Aug 19:42 2005

Re: Re: Cipher-suite specific extensions

"Simon Blake-Wilson" <sblakewilson <at> bcisse.com> writes:

> Hi folks,
>
> By my count the results of my informal poll on whether people support
> adding cipher-suite specific extensions to the TLS extensions and ECC in
> TLS docs are currently 1-1.
>
> I don't think that shows sufficient support for making the changes to add
> cipher-suite specific support so unless more people speak up I suggest we
> move forward with the two documents without cipher-suite specific
> extension support.

<Speaking as chair>

This is my assessment as well. 

As I understand the situation, we're ready to forward this document to
the IESG at this point. Simon, do you have anything else to do before
you're ready for that?

Thanks,
-Ekr
Ari Medvinsky | 24 Aug 19:46 2005
Picon

RE: Re: Cipher-suite specific extensions


Actually it is not 1-1 it is 2-1 in favor of modifying the draft.  Nicko
from Ncipher agreed with my position. 

-----Original Message-----
From: tls-bounces <at> lists.ietf.org [mailto:tls-bounces <at> lists.ietf.org] On
Behalf Of Eric Rescorla
Sent: Wednesday, August 24, 2005 10:43 AM
To: Simon Blake-Wilson
Cc: tls <at> ietf.org
Subject: Re: [TLS] Re: Cipher-suite specific extensions

"Simon Blake-Wilson" <sblakewilson <at> bcisse.com> writes:

> Hi folks,
>
> By my count the results of my informal poll on whether people support 
> adding cipher-suite specific extensions to the TLS extensions and ECC 
> in TLS docs are currently 1-1.
>
> I don't think that shows sufficient support for making the changes to 
> add cipher-suite specific support so unless more people speak up I 
> suggest we move forward with the two documents without cipher-suite 
> specific extension support.

<Speaking as chair>

This is my assessment as well. 

As I understand the situation, we're ready to forward this document to
(Continue reading)


Gmane