[TLS] I-D Action: draft-ietf-tls-session-hash-02.txt
internet-drafts@ietf.org Mon, 06 October 2014 13:16 UTC
Return-Path: <internet-drafts@ietf.org>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 374731A6F24; Mon, 6 Oct 2014 06:16:30 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ykV1CpoAsd4m; Mon, 6 Oct 2014 06:16:27 -0700 (PDT)
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 1F29E1A6F29; Mon, 6 Oct 2014 06:16:25 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: internet-drafts@ietf.org
To: i-d-announce@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 5.6.3.p3
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <20141006131625.5451.13842.idtracker@ietfa.amsl.com>
Date: Mon, 06 Oct 2014 06:16:25 -0700
Archived-At: http://mailarchive.ietf.org/arch/msg/tls/xziGo1kmwVKPbxHmSCaXDTvxK1o
Cc: tls@ietf.org
Subject: [TLS] I-D Action: draft-ietf-tls-session-hash-02.txt
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 06 Oct 2014 13:16:30 -0000
A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the Transport Layer Security Working Group of the IETF.
Title : Transport Layer Security (TLS) Session Hash and Extended Master Secret Extension
Authors : Karthikeyan Bhargavan
Antoine Delignat-Lavaud
Alfredo Pironti
Adam Langley
Marsh Ray
Filename : draft-ietf-tls-session-hash-02.txt
Pages : 9
Date : 2014-10-06
Abstract:
The Transport Layer Security (TLS) master secret is not
cryptographically bound to important session parameters such as the
client and server identities. Consequently, it is possible for an
active attacker to set up two sessions, one with a client and another
with a server, such that the master secrets on the two sessions are
the same. Thereafter, any mechanism that relies on the master secret
for authentication, including session resumption, becomes vulnerable
to a man-in-the-middle attack, where the attacker can simply forward
messages back and forth between the client and server. This
specification defines a TLS extension that contextually binds the
master secret to a log of the full handshake that computes it, thus
preventing such attacks.
The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-ietf-tls-session-hash/
There's also a htmlized version available at:
http://tools.ietf.org/html/draft-ietf-tls-session-hash-02
A diff from the previous version is available at:
http://www.ietf.org/rfcdiff?url2=draft-ietf-tls-session-hash-02
Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.
Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/
- [TLS] I-D Action: draft-ietf-tls-session-hash-02.… internet-drafts
- Re: [TLS] I-D Action: draft-ietf-tls-session-hash… Alfredo Pironti
- Re: [TLS] I-D Action: draft-ietf-tls-session-hash… Manuel Pégourié-Gonnard
- Re: [TLS] I-D Action: draft-ietf-tls-session-hash… Alfredo Pironti