Transport Layer Security (TLS) Session Hash and Extended Master Secret Extension
draft-ietf-tls-session-hash-06
Revision differences
Document history
Date | Rev. | By | Action |
---|---|---|---|
2015-09-14
|
06 | (System) | RFC Editor state changed to AUTH48-DONE from AUTH48 |
2015-08-18
|
06 | (System) | RFC Editor state changed to AUTH48 from RFC-EDITOR |
2015-08-11
|
06 | (System) | RFC Editor state changed to RFC-EDITOR from EDIT |
2015-08-09
|
06 | (System) | IANA Action state changed to RFC-Ed-Ack from Waiting on RFC Editor |
2015-07-07
|
06 | (System) | IANA Action state changed to Waiting on RFC Editor from In Progress |
2015-07-07
|
06 | (System) | IANA Action state changed to In Progress from Waiting on Authors |
2015-07-07
|
06 | (System) | IANA Action state changed to Waiting on Authors from In Progress |
2015-07-07
|
06 | Cindy Morgan | IESG state changed to RFC Ed Queue from Approved-announcement sent |
2015-07-07
|
06 | (System) | RFC Editor state changed to EDIT |
2015-07-07
|
06 | (System) | Announcement was received by RFC Editor |
2015-07-06
|
06 | (System) | IANA Action state changed to In Progress |
2015-07-06
|
06 | Amy Vezza | IESG state changed to Approved-announcement sent from Approved-announcement to be sent |
2015-07-06
|
06 | Amy Vezza | IESG has approved the document |
2015-07-06
|
06 | Amy Vezza | Closed "Approve" ballot |
2015-07-06
|
06 | Amy Vezza | Ballot approval text was generated |
2015-07-06
|
06 | Amy Vezza | Ballot writeup was changed |
2015-07-06
|
06 | Amy Vezza | IESG state changed to Approved-announcement to be sent from IESG Evaluation::AD Followup |
2015-07-05
|
06 | Karthikeyan Bhargavan | IANA Review state changed to Version Changed - Review Needed from IANA OK - Actions Needed |
2015-07-05
|
06 | Karthikeyan Bhargavan | New version available: draft-ietf-tls-session-hash-06.txt |
2015-07-02
|
05 | Jean Mahoney | Closed request for Telechat review by GENART with state 'No Response' |
2015-05-16
|
05 | Barry Leiba | [Ballot comment] The last paragraph of Section 4 makes me wonder whether this should "update" 5246. Basically, while this is an extension (which wouldn't normally … [Ballot comment] The last paragraph of Section 4 makes me wonder whether this should "update" 5246. Basically, while this is an extension (which wouldn't normally use "updates"), it's one that you're proposing as standard behavior, and not really as an extension. |
2015-05-16
|
05 | Barry Leiba | [Ballot Position Update] Position for Barry Leiba has been changed to Yes from Discuss |
2015-05-15
|
05 | Gunter Van de Velde | Closed request for Last Call review by OPSDIR with state 'No Response' |
2015-05-15
|
05 | Tero Kivinen | Closed request for Telechat review by SECDIR with state 'No Response' |
2015-05-14
|
05 | Cindy Morgan | IESG state changed to IESG Evaluation::AD Followup from IESG Evaluation |
2015-05-13
|
05 | Jari Arkko | [Ballot Position Update] New position, No Objection, has been recorded for Jari Arkko |
2015-05-13
|
05 | Ben Campbell | [Ballot Position Update] New position, No Objection, has been recorded for Ben Campbell |
2015-05-13
|
05 | Deborah Brungard | [Ballot Position Update] New position, No Objection, has been recorded for Deborah Brungard |
2015-05-11
|
05 | Spencer Dawkins | [Ballot Position Update] New position, No Objection, has been recorded for Spencer Dawkins |
2015-05-11
|
05 | Alia Atlas | [Ballot comment] I agree with Barry's question. |
2015-05-11
|
05 | Alia Atlas | [Ballot Position Update] New position, No Objection, has been recorded for Alia Atlas |
2015-05-11
|
05 | Alvaro Retana | [Ballot Position Update] New position, No Objection, has been recorded for Alvaro Retana |
2015-05-11
|
05 | Brian Haberman | [Ballot Position Update] New position, No Objection, has been recorded for Brian Haberman |
2015-05-11
|
05 | Benoît Claise | [Ballot Position Update] New position, No Objection, has been recorded for Benoit Claise |
2015-05-09
|
05 | Barry Leiba | [Ballot discuss] This is a DISCUSS purely because I want to discuss it; whatever the result is, I will be clearing the DISCUSS, and not … [Ballot discuss] This is a DISCUSS purely because I want to discuss it; whatever the result is, I will be clearing the DISCUSS, and not delaying the document on this point: The last paragraph of Section 4 makes me wonder whether this should "update" 5246. Basically, while this is an extension (which wouldn't normally use "updates"), it's one that you're proposing as standard behavior, and not really as an extension. |
2015-05-09
|
05 | Barry Leiba | [Ballot Position Update] New position, Discuss, has been recorded for Barry Leiba |
2015-05-09
|
05 | Terry Manderson | [Ballot Position Update] New position, No Objection, has been recorded for Terry Manderson |
2015-05-09
|
05 | Joel Jaeggli | [Ballot Position Update] New position, No Objection, has been recorded for Joel Jaeggli |
2015-05-08
|
05 | Kathleen Moriarty | [Ballot comment] Thank you for your work on this and a well-written draft! The considerations are very thorough, every time I had a question, I … [Ballot comment] Thank you for your work on this and a well-written draft! The considerations are very thorough, every time I had a question, I was able to find an answer in the draft. I do think a couple more references could be helpful though. 1. I think it would be good for section 6.4 to note that SSL 3.0 has been deprecated in https://datatracker.ietf.org/doc/draft-ietf-tls-sslv3-diediedie/ It's ahead of this draft in the RFC editor queue. 2. It might be good to have a pointer to the UTA TLS Attack RFC7457 as this attack is described in section 2.11 and there is no reference to a fix. It would be nice to show that known attacks are being resolved. https://tools.ietf.org/html/rfc7457#section-2.11 |
2015-05-08
|
05 | Kathleen Moriarty | [Ballot Position Update] New position, Yes, has been recorded for Kathleen Moriarty |
2015-05-07
|
05 | Jean Mahoney | Request for Telechat review by GENART is assigned to Russ Housley |
2015-05-07
|
05 | Jean Mahoney | Request for Telechat review by GENART is assigned to Russ Housley |
2015-05-07
|
05 | Tero Kivinen | Request for Telechat review by SECDIR is assigned to Radia Perlman |
2015-05-07
|
05 | Tero Kivinen | Request for Telechat review by SECDIR is assigned to Radia Perlman |
2015-05-06
|
05 | (System) | IANA Review state changed to IANA OK - Actions Needed from Version Changed - Review Needed |
2015-05-06
|
05 | Stephen Farrell | Placed on agenda for telechat - 2015-05-14 |
2015-05-06
|
05 | Stephen Farrell | IESG state changed to IESG Evaluation from Waiting for Writeup::AD Followup |
2015-05-06
|
05 | Stephen Farrell | Ballot has been issued |
2015-05-06
|
05 | Stephen Farrell | [Ballot Position Update] New position, Yes, has been recorded for Stephen Farrell |
2015-05-06
|
05 | Stephen Farrell | Created "Approve" ballot |
2015-05-06
|
05 | Stephen Farrell | Ballot writeup was changed |
2015-05-06
|
05 | Stephen Farrell | Changed consensus to Yes from Unknown |
2015-04-16
|
05 | (System) | Sub state has been changed to AD Followup from Revised ID Needed |
2015-04-16
|
05 | Karthikeyan Bhargavan | IANA Review state changed to Version Changed - Review Needed from IANA OK - Actions Needed |
2015-04-16
|
05 | Karthikeyan Bhargavan | New version available: draft-ietf-tls-session-hash-05.txt |
2015-04-16
|
04 | Tero Kivinen | Request for Last Call review by SECDIR Completed: Has Issues. Reviewer: Radia Perlman. |
2015-04-14
|
04 | Stephen Farrell | IESG state changed to Waiting for Writeup::Revised I-D Needed from Waiting for Writeup |
2015-04-13
|
04 | (System) | IANA Review state changed to IANA OK - Actions Needed from IANA - Review Needed |
2015-04-13
|
04 | Amanda Baber | IESG/Authors/WG Chairs: IANA has reviewed draft-ietf-tls-session-hash-04. Please report any inaccuracies as soon as possible. IANA's reviewer has the following comments: IANA understands that, upon approval … IESG/Authors/WG Chairs: IANA has reviewed draft-ietf-tls-session-hash-04. Please report any inaccuracies as soon as possible. IANA's reviewer has the following comments: IANA understands that, upon approval of this document, there is a single action that must be completed. In the ExtensionType Values registry under the Transport Layer Security (TLS) Extensions heading at https://www.iana.org/assignments/tls-extensiontype-values/ the extension code point 23 (0x0017) for the "extended_master_secret" extension will be changed from a temporary assignment to a permanent assignment with a reference pointing to [ RFC-to-be ]. Note: The actions requested in this document will not be completed until the document has been approved for publication as an RFC. This message is only to confirm what actions will be performed. |
2015-04-13
|
04 | (System) | IESG state changed to Waiting for Writeup from In Last Call |
2015-04-05
|
04 | Gunter Van de Velde | Request for Last Call review by OPSDIR is assigned to Kiran Chittimaneni |
2015-04-05
|
04 | Gunter Van de Velde | Request for Last Call review by OPSDIR is assigned to Kiran Chittimaneni |
2015-04-02
|
04 | Tero Kivinen | Request for Last Call review by SECDIR is assigned to Radia Perlman |
2015-04-02
|
04 | Tero Kivinen | Request for Last Call review by SECDIR is assigned to Radia Perlman |
2015-03-30
|
04 | Jean Mahoney | Request for Last Call review by GENART is assigned to Russ Housley |
2015-03-30
|
04 | Jean Mahoney | Request for Last Call review by GENART is assigned to Russ Housley |
2015-03-30
|
04 | Amy Vezza | IANA Review state changed to IANA - Review Needed |
2015-03-30
|
04 | Amy Vezza | The following Last Call announcement was sent out: From: The IESG To: IETF-Announce CC: Reply-To: ietf@ietf.org Sender: Subject: Last Call: (Transport Layer Security (TLS) Session … The following Last Call announcement was sent out: From: The IESG To: IETF-Announce CC: Reply-To: ietf@ietf.org Sender: Subject: Last Call: (Transport Layer Security (TLS) Session Hash and Extended Master Secret Extension) to Proposed Standard The IESG has received a request from the Transport Layer Security WG (tls) to consider the following document: - 'Transport Layer Security (TLS) Session Hash and Extended Master Secret Extension' as Proposed Standard The IESG plans to make a decision in the next few weeks, and solicits final comments on this action. Please send substantive comments to the ietf@ietf.org mailing lists by 2015-04-13. Exceptionally, comments may be sent to iesg@ietf.org instead. In either case, please retain the beginning of the Subject line to allow automated sorting. Abstract The Transport Layer Security (TLS) master secret is not cryptographically bound to important session parameters such as the server certificate. Consequently, it is possible for an active attacker to set up two sessions, one with a client and another with a server, such that the master secrets on the two sessions are the same. Thereafter, any mechanism that relies on the master secret for authentication, including session resumption, becomes vulnerable to a man-in-the-middle attack, where the attacker can simply forward messages back and forth between the client and server. This specification defines a TLS extension that contextually binds the master secret to a log of the full handshake that computes it, thus preventing such attacks. The file can be obtained via http://datatracker.ietf.org/doc/draft-ietf-tls-session-hash/ IESG discussion can be tracked via http://datatracker.ietf.org/doc/draft-ietf-tls-session-hash/ballot/ No IPR declarations have been submitted directly on this I-D. ID-NITs says this uses "NOT RECOMMENDED" but that that's not called out as a term. We'll fix that. |
2015-03-30
|
04 | Amy Vezza | IESG state changed to In Last Call from Last Call Requested |
2015-03-30
|
04 | Amy Vezza | Last call announcement was changed |
2015-03-30
|
04 | Amy Vezza | Notification list changed to draft-ietf-tls-session-hash@ietf.org, tls-chairs@ietf.org, draft-ietf-tls-session-hash.shepherd@ietf.org, turners@ieca.com, draft-ietf-tls-session-hash.ad@ietf.org, tls@ietf.org from "Sean Turner" <turners@ieca.com> |
2015-03-28
|
04 | Stephen Farrell | Last call was requested |
2015-03-28
|
04 | Stephen Farrell | Ballot approval text was generated |
2015-03-28
|
04 | Stephen Farrell | Ballot writeup was generated |
2015-03-28
|
04 | Stephen Farrell | IESG state changed to Last Call Requested from Publication Requested |
2015-03-28
|
04 | Stephen Farrell | Last call announcement was changed |
2015-03-28
|
04 | Stephen Farrell | Last call announcement was generated |
2015-03-19
|
04 | Sean Turner | 1. Summary Ever heard of the “triple handshake attack” (https://www.secure-resumption.com/)? If not that’s okay because the draft explains the attack and documents an implemented … 1. Summary Ever heard of the “triple handshake attack” (https://www.secure-resumption.com/)? If not that’s okay because the draft explains the attack and documents an implemented solution that cryptographically bind the master secret to a log of the full handshake. This document is bound for standards track (even though the header doesn’t indicate so) because it’s a TLS extension. Please note this draft applies to all version of TLS prior to 1.3. TLS 1.3 is going to also going to adopt this work directly into its draft. Sean Turner is the document shepherd and Stephen Farrell is our über Area Director! 2. Review and Consensus This document has been reviewed by the WG on the mailing list and has been discussed at numerous TLS meetings (both regularly scheduled IETF meeting and TLS interims). It not only reflects WG consensus it documents an implemented solution. 3. Intellectual Property [Confirming this as of 2015-03-13] The shepherd has confirmed the author's direct, personal knowledge of any IPR related to this document has already been disclosed, in conformance with BCPs 78 and 79. 4. Other Points DOWNREFs: None. IANA Considerations: An early IANA code point assignment was made for this registry. When published IANA will make this permanent. The instructions for IANA are well documented. |
2015-03-19
|
04 | Sean Turner | Responsible AD changed to Stephen Farrell |
2015-03-19
|
04 | Sean Turner | IETF WG state changed to Submitted to IESG for Publication from WG Consensus: Waiting for Write-Up |
2015-03-19
|
04 | Sean Turner | IESG state changed to Publication Requested |
2015-03-19
|
04 | Sean Turner | IESG process started in state Publication Requested |
2015-03-19
|
04 | Sean Turner | Tag Revised I-D Needed - Issue raised by WG cleared. |
2015-03-19
|
04 | Sean Turner | IETF WG state changed to WG Consensus: Waiting for Write-Up from Waiting for WG Chair Go-Ahead |
2015-03-13
|
04 | Sean Turner | Changed document writeup |
2015-03-13
|
04 | Sean Turner | Intended Status changed to Proposed Standard from None |
2015-03-09
|
04 | Karthikeyan Bhargavan | New version available: draft-ietf-tls-session-hash-04.txt |
2014-12-15
|
03 | Sean Turner | Notification list changed to "Sean Turner" <turners@ieca.com> |
2014-12-15
|
03 | Sean Turner | Document shepherd changed to Sean Turner |
2014-12-15
|
03 | Sean Turner | Tag Revised I-D Needed - Issue raised by WG set. |
2014-12-15
|
03 | Sean Turner | IETF WG state changed to Waiting for WG Chair Go-Ahead from In WG Last Call |
2014-11-24
|
03 | Sean Turner | IETF WG state changed to In WG Last Call from WG Document |
2014-11-12
|
03 | Alfredo Pironti | New version available: draft-ietf-tls-session-hash-03.txt |
2014-10-06
|
02 | Alfredo Pironti | New version available: draft-ietf-tls-session-hash-02.txt |
2014-08-22
|
01 | Alfredo Pironti | New version available: draft-ietf-tls-session-hash-01.txt |
2014-08-19
|
00 | Alfredo Pironti | New version available: draft-ietf-tls-session-hash-00.txt |