[TLS] FW: New Version Notification for draft-jay-tls-psk-identity-extension-02.txt
Raja ashok <raja.ashok@huawei.com> Wed, 11 January 2017 12:30 UTC
Return-Path: <raja.ashok@huawei.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0C27F129BCD for <tls@ietfa.amsl.com>; Wed, 11 Jan 2017 04:30:34 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.42
X-Spam-Level:
X-Spam-Status: No, score=-7.42 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-3.199, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id OSTWO_Dbk1Fy for <tls@ietfa.amsl.com>; Wed, 11 Jan 2017 04:30:31 -0800 (PST)
Received: from lhrrgout.huawei.com (lhrrgout.huawei.com [194.213.3.17]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 061DA129BCC for <tls@ietf.org>; Wed, 11 Jan 2017 04:30:30 -0800 (PST)
Received: from 172.18.7.190 (EHLO lhreml701-cah.china.huawei.com) ([172.18.7.190]) by lhrrg01-dlp.huawei.com (MOS 4.3.7-GA FastPath queued) with ESMTP id DEF79064; Wed, 11 Jan 2017 12:30:28 +0000 (GMT)
Received: from BLREML408-HUB.china.huawei.com (10.20.4.47) by lhreml701-cah.china.huawei.com (10.201.5.93) with Microsoft SMTP Server (TLS) id 14.3.301.0; Wed, 11 Jan 2017 12:30:26 +0000
Received: from BLREML509-MBX.china.huawei.com ([10.20.5.38]) by BLREML408-HUB.china.huawei.com ([10.20.4.47]) with mapi id 14.03.0301.000; Wed, 11 Jan 2017 18:00:14 +0530
From: Raja ashok <raja.ashok@huawei.com>
To: "tls@ietf.org" <tls@ietf.org>
Thread-Topic: New Version Notification for draft-jay-tls-psk-identity-extension-02.txt
Thread-Index: AQHSV+2GNKIWZSJWcE++ClDAq6GYuaEzW9qg
Date: Wed, 11 Jan 2017 12:30:14 +0000
Message-ID: <FDFEA8C9B9B6BD4685DCC959079C81F5E1918C90@BLREML509-MBX.china.huawei.com>
Accept-Language: en-US, zh-CN
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.18.213.121]
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-CFilter-Loop: Reflected
X-Mirapoint-Virus-RAPID-Raw: score=unknown(0), refid=str=0001.0A020204.58762564.0440, ss=1, re=0.000, recu=0.000, reip=0.000, cl=1, cld=1, fgs=0, ip=0.0.0.0, so=2013-06-18 04:22:30, dmn=2013-03-21 17:37:32
X-Mirapoint-Loop-Id: d8fe6206c3661bb5a1c5c598405cad5c
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/xOD1I2MaRMgpcKWceLMHRqXUrW8>
Subject: [TLS] FW: New Version Notification for draft-jay-tls-psk-identity-extension-02.txt
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 11 Jan 2017 12:30:34 -0000
Hi All
A new extension is proposed for [D]TLS1.2 and its lower version(not for [D]TLS1.3), to send PSKID in client hello msg instead of client key exchange msg. Using this extension, client can send its list of PSKIDs to server in its hello msg and server can select any one of them and respond in its hello msg.
- With the help of this extn, PSK cipher handshake can be completed in 1RTT. Messages exchanged are similar to resumption.
- For DHE_PSK, RSA_PSK and ECDHE_PSK ciphers, PSKID in client hello msg gives additional information to server for cipher negotiation. If unknown PSKIDs are present, then server can select any NON PSK cipher or fail at that place only (instead of failing in finished message verification).
Already we received interest and review comments from Nikos Mavrogiannopoulos, David Woodhouse and Andreas Walz. Based on that we have submitted the 3rd version of this document.
I am requesting other members of this group also to look into and provide comments for further improvements.
Regards,
Raja Ashok V K
Huawei Technologies
Bangalore, India
http://www.huawei.com
本邮件及其附件含有华为公司的保密信息,仅限于发送给上面地址中列出的个人或群组。禁
止任何其他人以任何形式使用(包括但不限于全部或部分地泄露、复制、或散发)本邮件中
的信息。如果您错收了本邮件,请您立即电话或邮件通知发件人并删除本邮件!
This e-mail and its attachments contain confidential information from HUAWEI, which
is intended only for the person or entity whose address is listed above. Any use of the
information contained herein in any way (including, but not limited to, total or partial
disclosure, reproduction, or dissemination) by persons other than the intended
recipient(s) is prohibited. If you receive this e-mail in error, please notify the sender by
phone or email immediately and delete it!
-----Original Message-----
From: internet-drafts@ietf.org [mailto:internet-drafts@ietf.org]
Sent: 17 December 2016 04:11
To: Raja ashok; Raja ashok; Jayaraghavendran Kuppannan
Subject: New Version Notification for draft-jay-tls-psk-identity-extension-02.txt
A new version of I-D, draft-jay-tls-psk-identity-extension-02.txt
has been successfully submitted by Raja Ashok V K and posted to the IETF repository.
Name: draft-jay-tls-psk-identity-extension
Revision: 02
Title: TLS/DTLS PSK Identity Extension
Document date: 2016-12-15
Group: Individual Submission
Pages: 10
URL: https://www.ietf.org/internet-drafts/draft-jay-tls-psk-identity-extension-02.txt
Status: https://datatracker.ietf.org/doc/draft-jay-tls-psk-identity-extension/
Htmlized: https://tools.ietf.org/html/draft-jay-tls-psk-identity-extension-02
Diff: https://www.ietf.org/rfcdiff?url2=draft-jay-tls-psk-identity-extension-02
Abstract:
Pre-Shared Key (PSK) based Key Exchange Mechanism is primarily used
in constrained environments where resource intensive Asymmetric
Cryptography cannot be used. In the Internet of Things (IoT)
deployments, constrained devices are commonly used for collecting
data via sensors for use in home automation, smart energy etc. In
this context, DTLS is being considered as the primary protocol for
communication security at the application layer and in some cases, it
is also being considered for network access authentication.
This document provides a specification for a new extension for
Optimizing DTLS and TLS Handshake when the Pre-Shared Key (PSK) based
Key Exchange is used. This extension is aimed at reducing the number
of messages exchanged and the RTT of the TLS & DTLS Handshakes.
Hi,
I am submitting my 3rd version of our draft(draft-jay-tls-psk-identity-extension) in TLS working group.
Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org.
The IETF Secretariat
- [TLS] FW: New Version Notification for draft-jay-… Raja ashok
- Re: [TLS] FW: New Version Notification for draft-… Andreas Walz
- Re: [TLS] FW: New Version Notification for draft-… Jayaraghavendran Kuppannan
- Re: [TLS] FW: New Version Notification for draft-… Andreas Walz
- Re: [TLS] FW: New Version Notification for draft-… Jayaraghavendran Kuppannan
- Re: [TLS] New Version Notification for draft-jay-… Russ Housley