Technical Summary
The Transport Layer Security (TLS) protocol provides
secure communications for connection-oriented data. A large
number of network protocols operate over TCP or other
connection-oriented transports. TLS provides a generic
security layer which allows these protocols to treat a
connection as an authenticated, confidential channel. TLS 1.0
and its predecessor SSL are widely deployed. TLS 1.1 is an
update to TLS 1.0 which clarifies some issues and fixes some
known security problems.
Working Group Summary
This document is a fairly minor update to TLS 1.0. There are
only a few technical changes, and they were fairly noncontroversial.
No important unresolved issues were raised in Working Group Last
Call.
Protocol Quality
TLS 1.0 is very widely deployed. GnuTLS claims to support TLS 1.1.
Some of the changes in TLS 1.0 (reducing the number of different
alert types sent) are implemented in standard TLS 1.0 implementations
as well. The remaining changes to make TLS 1.1 (the explicit IV)
are very minor and have already been implemented in OpenSSL in
the context of DTLS, though not TLS.
This document was reviewed by Russ Housley for the IESG.