Re: [TLS] Last Call: draft-ietf-tls-extractor (Keying Material Exporters for Transport Layer Security (TLS)) to Proposed Standard
Erick O <ericko0@yahoo.com> Fri, 18 September 2009 14:53 UTC
To: Douglas Stebila <douglas@stebila.ca>, IETF Discussion <ietf@ietf.org>
Cc: tls@ietf.org
________________________________
From: Douglas Stebila <douglas@stebila.ca>
To: IETF Discussion <ietf@ietf.org>
Cc: tls@ietf.org
Sent: Tuesday, July 21, 2009 1:32:21 AM
Subject: Re: [TLS] Last Call: draft-ietf-tls-extractor (Keying Material Exporters for Transport Layer Security (TLS)) to Proposed Standard

I have implemented draft-ietf-tls-extractor-06 in the TLS v1.0 implementation in OpenSSL. I found the draft easy to implement with no ambiguities or concerns. I believe that the functionality provided by the draft will be extremely valuable for building application-level security protocols and encourage its standardization.

It is my interpretation of the draft that it can be implemented in any version of TLS, not just TLS v1.2. Obviously the derived key may be different if the underlying TLS PRF is defined differently (as it is for TLS v1.2), but the draft is still well-defined for previous versions of TLS.

For those interested in the OpenSSL implementation, I have posted a page on my website with the patch.

http://www.douglas.stebila.ca/code/keying-material-exporters/

In addition to a patch for OpenSSL, I have also done patches to Apache and PHP to expose a PHP function that allows a PHP application to derive keying material from the underlying TLS connection according to the draft specification.

Douglas

On 2009-Jul-21, at 2:48 AM, The IESG wrote:

> The IESG has received a request from the Transport Layer Security WG
> (tls) to consider the following document:
>
> - 'Keying Material Exporters for Transport Layer Security (TLS) '
>   <draft-ietf-tls-extractor-06.txt> as a Proposed Standard
>
> The IESG plans to make a decision in the next few weeks, and solicits
> final comments on this action. Please send substantive comments to the
> ietf@ietf.org mailing lists by 2009-08-10. Exceptionally,
> comments may be sent to iesg@ietf.org instead. In either case, please
> retain the beginning of the Subject line to allow automated sorting.
>
> The file can be obtained via
> http://www.ietf.org/internet-drafts/draft-ietf-tls-extractor-06.txt
>
>
> IESG discussion can be tracked via
> https://datatracker.ietf.org/public/pidtracker.cgi?command=view_id&dTag=16821&rfc_flag=0
>
> _______________________________________________
> TLS mailing list
> TLS@ietf.org
> https://www.ietf.org/mailman/listinfo/tls