Pre-Shared Key Cipher Suites for TLS with SHA-256/384 and AES Galois Counter Mode
RFC 5487

Note: This ballot was opened for revision 05 and is now closed.

(Pasi Eronen; former steering group member) Yes

Yes ()
No email
send info

(Chris Newman; former steering group member) No Objection

No Objection (2009-01-28)
No email
send info
It would be helpful to add an informative reference to a definition of
the term "Perfect Forward Secrecy."  That term has a technical meaning
that may differ from a layman's interpretation of the words.  RFC 4949
may be a suitable reference.

(Cullen Jennings; former steering group member) No Objection

No Objection ()
No email
send info

(Dan Romascanu; former steering group member) No Objection

No Objection ()
No email
send info

(David Ward; former steering group member) No Objection

No Objection ()
No email
send info

(Jari Arkko; former steering group member) No Objection

No Objection ()
No email
send info

(Jon Peterson; former steering group member) No Objection

No Objection ()
No email
send info

(Lisa Dusseault; former steering group member) No Objection

No Objection ()
No email
send info

(Magnus Westerlund; former steering group member) No Objection

No Objection ()
No email
send info

(Mark Townsley; former steering group member) No Objection

No Objection ()
No email
send info

(Ron Bonica; former steering group member) No Objection

No Objection ()
No email
send info

(Ross Callon; former steering group member) No Objection

No Objection ()
No email
send info

(Russ Housley; former steering group member) No Objection

No Objection (2009-01-28)
No email
send info
  The Gen-ART Review by Robert Sparks posted on 22-Jan-2009
  raised a few editorial comments that ought to be addressed:

  1) In the applicability statement, consider pointing to (or moving
  forward) the statement in 4279.

  2) The IANA considerations section should name the registry (btw -  
  where are the instructions to IANA on how to choose the next numbers?)

(Tim Polk; former steering group member) No Objection

No Objection (2009-01-27)
No email
send info
I don't quite follow the second paragraph of the security considerations:

   As described in [RFC5288], the cipher suites defined in the Section
   2 of this document may only be used with TLS 1.2 or greater. The
   cipher suites defined in the Section 3 may be used, whatever the
   negotiated TLS version is.

Is the point that cipher suites defined in section 3 provide slightly more cryptographic
security if version 1.2 has been negotiated, since we are using a stronger hash in the
PRF?  As written, this paragraph restates an interoperability issue (already rasied in 1.1) 
rather than  a security consideration.