AES-CCM Cipher Suites for Transport Layer Security (TLS)
RFC 6655

Approval announcement
Draft of message to be sent after approval:

From: The IESG <>
To: IETF-Announce <>
Cc: RFC Editor <>
Subject: Protocol Action: 'AES-CCM Cipher Suites for TLS' to Proposed Standard (draft-mcgrew-tls-aes-ccm-04.txt)

The IESG has approved the following document:
- 'AES-CCM Cipher Suites for TLS'
  (draft-mcgrew-tls-aes-ccm-04.txt) as Proposed Standard

This document has been reviewed in the IETF but is not the product of an
IETF Working Group.

The IESG contact person is Sean Turner.

A URL of this Internet Draft is:

Technical Summary

The document describes 16 additional cipher suites for TLS based on PSK
and RSA and using AES-CCM for the AEAD algorithm to provide
confidentiality and data origin authentication. The document is based on
RFC 5487 and RFC 5288, which describe equivalent cipher suites using
AES-GCM for the AEAD algorithm. AES-CCM is chosen as it is amenable to
compact implementations and is thus suitable for constrained devices. It
also describes using a truncated AEAD MAC for constrained environments
where packet length is an important consideration.

Working Group Summary

There was some debate about the intended status of this document, which
is standards track. The desired intended status is to reflect that of
RFC 5288 and RFC 5487, on which it is based. There were no other
contentious issues.

Document Quality

The AES-CCM algorithm is widely use in IEEE 802.11, IEEE 802.15 and
other protocols. The TLS_PSK_WITH_AES_128_CCM_8 cipher suite has been
implemented by 9 vendors and proved interoperable amongst those vendors
as part of the ZigBee IP stack development process. This cipher suite
will form an integral part of the authentication process for the ZigBee
IP stack. 


Joe Salowey <> is the Document Shepherd.
Sean Turner <> is the responsible AD.
Eric Rescorla <> is the IANA expert.