[prev in list] [next in list] [prev in thread] [next in thread] 

List:       ietf-saag
Subject:    [saag] IETF67 TLS Summary
From:       Eric Rescorla <ekr () networkresonance ! com>
Date:       2006-11-18 1:22:27
Message-ID: 20061118012532.142355C01E () laser ! networkresonance ! com
[Download RAW message or body]

TLS met on Friday morning.

The major discussion item was TLS 1.2, which is moving along. The only
contentious issue is the PRF. The general theory seemed to be to have a
default PRF (based on SHA-256) and then require future cipher suites to
define their own PRF with a preference for something based on the TLS
PRF. We also discussed the IV for counter mode and GCM but no consensus
was reached and the issue will be taken to the list.

Pasi Eronen presented on a bunch of bugs in the way that TLS stacks
handle legal but unusual record layer constructs. These don't appear to
be security issues but rather interop issues.  It was suggested that TLS
1.2 forbid some unusual behaviors (e.g., empty fragments in the
handshake). Text will be proposed on the list.

Russ Housley gave a presentation on adding signatures to TLS for
evidentiary purposes. This was somewhat contentious but the WG seemed
generally in favor.  This would require a charter change and discussion
on the list.

Tim Polk gave a presentation on some issues NIST had with TLS. Mostly
these are minor issues or clarifications. Resolutions to be proposed on
the list.

Stefan Stantesson gave a presentation on an approach he's been working
on for integrating GSS-API with TLS. This was quite contentious and no
consensus seemed on hand. However, no actual draft is available so the
next stage is for Stefan to circulate one.

-Ekr




_______________________________________________
saag mailing list
saag@mit.edu
http://mailman.mit.edu/mailman/listinfo/saag
[prev in list] [next in list] [prev in thread] [next in thread]