Technical Summary
This document extends RFC 4279, RFC 4492 and RFC 4785, and
specifies a set of cipher suites that use a pre-shared key (PSK)
to authenticate an Elliptic Curve Diffie-Hellman exchange
(ECDH). These cipher suites provide Perfect Forward Secrecy (PFS).
Working Group Summary
This document is a product of the Transport Layer Security (TLS)
Working Group. The document represents the consensus of the TLS
working group.
Document Quality
There are no existing implementations, but working group
members have shown interest in the document.
Personnel
The document shepherd is Joe Salowey. The responsible area
director is Pasi Eronen.
RFC Editor Note
Please add the following sentence to the end of Section 1.1:
"The applicability statement in [RFC4279] applies to this document
as well."
Section 5, 2nd paragraph:
OLD:
Given the current state of published to date crypto attacks,
HMAC-SHA1 apparently is not (yet) so bad that we need to risk
breaking interoperability with previous versions of TLS.
However, implementers and administrators should monitor the
general statements on recommended cryptographic algorithms
published from time to time by various forums including the
IETF, as a base for the portfolio they support and the policies
for strength of function acceptable for the cipher suites they
set.
NEW:
Implementers and administrators should monitor the general
statements on recommended cryptographic algorithms (e.g., SHA-1
hash function) published from time to time by various forums
including the IETF, as a base for the portfolio they support and
the policies for strength of function acceptable for the cipher
suites they set.