Re: [TLS] TLS Charter Revision
"Joseph Salowey (jsalowey)" <jsalowey@cisco.com> Tue, 10 December 2013 06:39 UTC
From: "Joseph Salowey (jsalowey)" <jsalowey@cisco.com>
To: "<tls@ietf.org>" <tls@ietf.org>
Date: Tue, 10 Dec 2013 06:38:57 +0000

Updated Charter text based on the discussion so far is below.

Changes:

1. Fixed typos
2. Third bullet to "Update record payload protection cryptographic mechanisms and algorithms to address known weaknesses in the CBC block cipher modes and to replace RC4."

Thanks,

Joe

The TLS (Transport Layer Security) working group was established in 1996 to standardize a 'transport layer' security protocol. The basis for the work was SSL (Secure Socket Layer) v3.0. The TLS working group has completed a series of specifications that describe the TLS protocol v1.0, v1.1, and v1.2 and DTLS (Datagram TLS) v1.2 as well as extensions to the protocols and ciphersuites.

The primary purpose of the working group is to develop (D)TLS v1.3. Some of the main design goals are as follows, in no particular order:

o Develop a mode that encrypts as much of the handshake as is possible to reduce the amount of observable data to both passive and active attackers.

o Develop modes to reduce handshake latency, which primarily support HTTP-based applications, aiming for one roundtrip for a full handshake and one or zero roundtrip for repeated handshakes.

o Update record payload protection cryptographic mechanisms and algorithms to address known weaknesses in the CBC block cipher modes and to replace RC4.

o Reevaluate handshake contents, e.g.,: Is time needed in client hello? Should signature in server key exchange cover entire handshake? Are bigger randoms required? Should there be distinct cipher list for each version?

A secondary purpose is to maintain previous version of the (D)TLS protocols as well as to specify the use of (D)TLS, recommendations for use of (D)TLS, extensions to (D)TLS, and cipher suites. However, changes or additions to older versions of (D)TLS whether via extensions or ciphersuites are discouraged and require significant justification to be taken on as work items.

With these objectives in mind, the TLS WG will also place a priority in minimizing gratuitous changes to TLS.

Milestone/Dates:

201311 - Out-of-Band Public Key Validation for TLS to IESG
201401 - Secure Password Ciphersuites for TLS to IESG
201404 - TLS ALPN (Application Layer Protocol Negotiation) Extension to IESG
201411 - (D)TLS 1.3 to IESG