[TLS] Protocol Action: 'Encrypt-then-MAC for TLS and DTLS' to Proposed Standard (draft-ietf-tls-encrypt-then-mac-03.txt)
The IESG <iesg-secretary@ietf.org> Mon, 11 August 2014 18:38 UTC
From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
Message-ID: <20140811183833.11466.35217.idtracker@ietfa.amsl.com>
Date: Mon, 11 Aug 2014 11:38:33 -0700
Archived-At: http://mailarchive.ietf.org/arch/msg/tls/5HmItW2K47GEJ9XZjj0ZA8xOLMg
Cc: tls mailing list <tls@ietf.org>, tls chair <tls-chairs@tools.ietf.org>, RFC Editor <rfc-editor@rfc-editor.org>
The IESG has approved the following document:
- 'Encrypt-then-MAC for TLS and DTLS'
  (draft-ietf-tls-encrypt-then-mac-03.txt) as Proposed Standard

This document is the product of the Transport Layer Security Working Group.

The IESG contact persons are Stephen Farrell and Kathleen Moriarty.

A URL of this Internet Draft is:
http://datatracker.ietf.org/doc/draft-ietf-tls-encrypt-then-mac/

Technical Summary

This document defines a means to negotiate the use of encrypt-then-MAC instead of the existing MAC-then-encrypt one. WRT the existing mechanism, there are a number of identified vulnerabilities (see the references in the draft).

Working Group Summary

This draft has been kicking around for a number of years and was adopted and progressed fairly quickly. There were really just two debates 1) how to do the negotiation (see sec 2.1 of the draft), and 2) whether this applied to both stream and block ciphers (ended up applying to just block).

Document Quality

There's a test server up and running. There's also a number of known implementations.

Personnel

Stephen Farrell is the responsible AD. Sean Turner is the shepherd.

IANA Note

Please make the relevant temporary registration permanent.