Last Call: <draft-ietf-tls-session-hash-04.txt> (Transport Layer Security (TLS) Session Hash and Extended Master Secret Extension) to Proposed Standard

The IESG <iesg-secretary@ietf.org> Mon, 30 March 2015 14:58 UTC

Return-Path: <iesg-secretary@ietf.org>
X-Original-To: ietf-announce@ietfa.amsl.com
Delivered-To: ietf-announce@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CDBF51AC414; Mon, 30 Mar 2015 07:58:59 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -101.9
X-Spam-Level:
X-Spam-Status: No, score=-101.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, USER_IN_WHITELIST=-100] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id nFDWYIt5o6Mw; Mon, 30 Mar 2015 07:58:58 -0700 (PDT)
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 440581AC3EA; Mon, 30 Mar 2015 07:58:58 -0700 (PDT)
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: The IESG <iesg-secretary@ietf.org>
To: "IETF-Announce" <ietf-announce@ietf.org>
Subject: Last Call: <draft-ietf-tls-session-hash-04.txt> (Transport Layer Security (TLS) Session Hash and Extended Master Secret Extension) to Proposed Standard
X-Test-IDTracker: no
X-IETF-IDTracker: 5.13.0
Auto-Submitted: auto-generated
Precedence: bulk
Sender: <iesg-secretary@ietf.org>
Message-ID: <20150330145858.27263.63450.idtracker@ietfa.amsl.com>
Date: Mon, 30 Mar 2015 07:58:58 -0700
Archived-At: <http://mailarchive.ietf.org/arch/msg/ietf-announce/4DedZuIJwhSHNW_9Tk6pcktjc2E>
Cc: tls@ietf.org
X-BeenThere: ietf-announce@ietf.org
X-Mailman-Version: 2.1.15
Reply-To: ietf@ietf.org
List-Id: "IETF announcement list. No discussions." <ietf-announce.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf-announce>, <mailto:ietf-announce-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf-announce/>
List-Post: <mailto:ietf-announce@ietf.org>
List-Help: <mailto:ietf-announce-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf-announce>, <mailto:ietf-announce-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 30 Mar 2015 14:59:00 -0000

The IESG has received a request from the Transport Layer Security WG
(tls) to consider the following document:
- 'Transport Layer Security (TLS) Session Hash and Extended Master Secret
   Extension'
  <draft-ietf-tls-session-hash-04.txt> as Proposed Standard

The IESG plans to make a decision in the next few weeks, and solicits
final comments on this action. Please send substantive comments to the
ietf@ietf.org mailing lists by 2015-04-13. Exceptionally, comments may be
sent to iesg@ietf.org instead. In either case, please retain the
beginning of the Subject line to allow automated sorting.

Abstract


   The Transport Layer Security (TLS) master secret is not
   cryptographically bound to important session parameters such as the
   server certificate.  Consequently, it is possible for an active
   attacker to set up two sessions, one with a client and another with a
   server, such that the master secrets on the two sessions are the
   same.  Thereafter, any mechanism that relies on the master secret for
   authentication, including session resumption, becomes vulnerable to a
   man-in-the-middle attack, where the attacker can simply forward
   messages back and forth between the client and server.  This
   specification defines a TLS extension that contextually binds the
   master secret to a log of the full handshake that computes it, thus
   preventing such attacks.




The file can be obtained via
http://datatracker.ietf.org/doc/draft-ietf-tls-session-hash/

IESG discussion can be tracked via
http://datatracker.ietf.org/doc/draft-ietf-tls-session-hash/ballot/


No IPR declarations have been submitted directly on this I-D.

ID-NITs says this uses "NOT RECOMMENDED" but that that's not
called out as a term. We'll fix that.