Ever heard of the “triple handshake attack” (https://www.secure-resumption.com/)? If not, that’s okay, because the draft explains the attack and documents an implemented solution that cryptographically binds the master secret to a log of the full handshake. This document is bound for standards track (even though the header doesn’t indicate so) because it’s a TLS extension.
Please note this draft applies to all versions of TLS prior to 1.3. TLS 1.3 is also going to adopt this work directly into its draft.
Sean Turner is the document shepherd and Stephen Farrell is our über Area Director!
2. Review and Consensus
This document has been reviewed by the WG on the mailing list and has been discussed at numerous TLS meetings (both regularly scheduled IETF meetings and TLS interims). It not only reflects WG consensus, it also documents an implemented solution.
3. Intellectual Property
[Confirming this as of 2015-03-13]
The shepherd has confirmed that the author's direct, personal knowledge of any IPR related to this document has already been disclosed, in conformance with BCPs 78 and 79.
4. Other Points
IANA Considerations: An early IANA code point assignment was made for this registry. When published, IANA will make this permanent. The instructions for IANA are well documented.