[TLS] New Version Notification for draft-wouters-tls-oob-pubkey-01.txt (fwd)

Paul Wouters <paul@xelerance.com> Mon, 31 October 2011 23:23 UTC

Date: Mon, 31 Oct 2011 19:21:11 -0400
From: Paul Wouters <paul@xelerance.com>
To: tls@ietf.org

This is the new version of the draft incorporating the feedback from Quebec City
and the TLS list since then. It changes the draft from a new TLS extension to a
new Certificate Type for raw keys.

It also merges in the unpublished draft material from Hannes Tschofenig
and Tero Kivinen <kivinen@iki.fi>, who had also been working on raw RSA
TLS keys for use with CoAP (e.g. devices with no real time clock where
PKIX validation cannot work).

I did not yet change the draft from individual submission to working group item,
as I was waiting for confirmation on the TLS WG list of the last Quebec City
meeting.

http://tools.ietf.org/html/draft-wouters-tls-oob-pubkey-01

Paul

---------- Forwarded message ----------
Date: Mon, 31 Oct 2011 17:44:35
From: internet-drafts@ietf.org
Cc: weiler@tislabs.com, hannes.tschofenig@gmx.net, gnu@toad.com,
     paul@xelerance.com, kivinen@iki.fi
To: paul@xelerance.com
Subject: New Version Notification for draft-wouters-tls-oob-pubkey-01.txt

A new version of I-D, draft-wouters-tls-oob-pubkey-01.txt has been successfully submitted by Paul Wouters and posted to the IETF repository.

Filename:	 draft-wouters-tls-oob-pubkey
Revision:	 01
Title:		 TLS out-of-band public key validation
Creation date:	 2011-10-31
WG ID:		 Individual Submission
Number of pages: 11

Abstract:
    This document specifies a new TLS certificate type for exchanging raw
    public keys or their fingerprints in Transport Layer Security (TLS)
    and Datagram Transport Layer Security (DTLS) for use with out-of-band
    authentication.  Currently, TLS authentication can only occur via
    PKIX or OpenPGP certificates.  By specifying a minimum resource for
    raw public key exchange, implementations can use alternative
    authentication methods.

    One such method is using DANE Resource Records secured by DNSSEC.
    Another use case is to provide authentication functionality when used
    with devices in a constrained environment that use whitelists and
    blacklists, as is the case with sensors and other embedded devices
    that are constrained by memory, computational, and communication
    limitations where the usage of PKIX is not feasible.

    The new certificate type specified can also be used to reduce the
    latency of a TLS client that is already in possession of a validated
    public key of the TLS server before it starts a (non-resumed) TLS
    handshake.




The IETF Secretariat