Protocol Action: 'Transport Layer Security (TLS) Session Hash and Extended Master Secret Extension' to Proposed Standard (draft-ietf-tls-session-hash-06.txt)
The IESG <iesg-secretary@ietf.org> Mon, 06 July 2015 21:12 UTC
Return-Path: <iesg-secretary@ietf.org>
X-Original-To: ietf-announce@ietfa.amsl.com
Delivered-To: ietf-announce@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3A4C91A01F7; Mon, 6 Jul 2015 14:12:00 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -101.9
X-Spam-Level:
X-Spam-Status: No, score=-101.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, USER_IN_WHITELIST=-100] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id NvYl7D0PoFwu; Mon, 6 Jul 2015 14:11:58 -0700 (PDT)
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 1210F1A0273; Mon, 6 Jul 2015 14:11:45 -0700 (PDT)
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
Subject: Protocol Action: 'Transport Layer Security (TLS) Session Hash and Extended Master Secret Extension' to Proposed Standard (draft-ietf-tls-session-hash-06.txt)
X-Test-IDTracker: no
X-IETF-IDTracker: 6.0.4.p1
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <20150706211145.20167.71595.idtracker@ietfa.amsl.com>
Date: Mon, 06 Jul 2015 14:11:45 -0700
Archived-At: <http://mailarchive.ietf.org/arch/msg/ietf-announce/jMu7Ryai17GXNcU9CuzyiNC9pG8>
Cc: tls mailing list <tls@ietf.org>, tls chair <tls-chairs@tools.ietf.org>, RFC Editor <rfc-editor@rfc-editor.org>
X-BeenThere: ietf-announce@ietf.org
X-Mailman-Version: 2.1.15
Reply-To: ietf@ietf.org
List-Id: "IETF announcement list. No discussions." <ietf-announce.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf-announce>, <mailto:ietf-announce-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf-announce/>
List-Post: <mailto:ietf-announce@ietf.org>
List-Help: <mailto:ietf-announce-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf-announce>, <mailto:ietf-announce-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 06 Jul 2015 21:12:00 -0000
The IESG has approved the following document: - 'Transport Layer Security (TLS) Session Hash and Extended Master Secret Extension' (draft-ietf-tls-session-hash-06.txt) as Proposed Standard This document is the product of the Transport Layer Security Working Group. The IESG contact persons are Stephen Farrell and Kathleen Moriarty. A URL of this Internet Draft is: https://datatracker.ietf.org/doc/draft-ietf-tls-session-hash/ Technical Summary The Transport Layer Security (TLS) master secret is not cryptographically bound to important session parameters such as the server certificate. Consequently, it is possible for an active attacker to set up two sessions, one with a client and another with a server, such that the master secrets on the two sessions are the same. Thereafter, any mechanism that relies on the master secret for authentication, including session resumption, becomes vulnerable to a man-in-the-middle attack, where the attacker can simply forward messages back and forth between the client and server. This specification defines a TLS extension that contextually binds the master secret to a log of the full handshake that computes it, thus preventing such attacks. Working Group Summary This document has been reviewed by the WG on the mailing list and has been discussed at numerous TLS meetings (both regularly scheduled IETF meeting and TLS interims). Document Quality It not only reflects WG consensus it documents an implemented solution. Personnel Sean Turner is the document shepherd. Stephen Farrell is the irresponsible AD.