Pre-Shared Key Cipher Suites for TLS with SHA-256/384 and AES Galois Counter Mode
RFC 5487

Approval announcement
Draft of message to be sent after approval:

From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
Cc: Internet Architecture Board <iab@iab.org>,
    RFC Editor <rfc-editor@rfc-editor.org>, 
    tls mailing list <tls@ietf.org>, 
    tls chair <tls-chairs@tools.ietf.org>
Subject: Protocol Action: 'Pre-Shared Key Cipher Suites for 
         Transport Layer Security (TLS) with SHA-256/384 and AES Galois 
         Counter Mode' to Proposed Standard 

The IESG has approved the following document:

- 'Pre-Shared Key Cipher Suites for Transport Layer Security (TLS) with 
   SHA-256/384 and AES Galois Counter Mode '
   <draft-ietf-tls-psk-new-mac-aes-gcm-05.txt> as a Proposed Standard

This document is the product of the Transport Layer Security Working 
Group. 

The IESG contact persons are Pasi Eronen and Tim Polk.

A URL of this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-ietf-tls-psk-new-mac-aes-gcm-05.txt

Technical Summary

   RFC 4279 and RFC 4785 describe pre-shared key cipher suites for
   Transport Layer Security (TLS).  However, all those cipher suites
   use SHA-1 as their MAC algorithm.  This document describes a set of
   pre-shared key cipher suites for TLS which uses stronger digest
   algorithms (i.e., SHA-256 or SHA-384) and another set which uses
   the Advanced Encryption Standard (AES) in Galois Counter Mode
   (GCM).

Working Group Summary

   This document is a product of the Transport Layer Security (TLS)
   Working Group. The document represents the consensus of the TLS
   working group.

Document Quality

   There are no existing implementations, but working group
   members have shown interest in the document.

Personnel

   The document shepherd is Joe Salowey. The responsible area
   director is Pasi Eronen.

RFC Editor Note

  Please add the following sentence to the end of Section 1.1:

  "The applicability statement in [RFC4279] applies to this document
  as well."

   Please remove the following paragraph from Section 4:

   "As described in [RFC5288], the cipher suites defined in the Section 
   2 of this document may only be used with TLS 1.2 or greater. The 
   cipher suites defined in the Section 3 may be used, whatever the 
   negotiated TLS version is. "