I would like to ask the working group for comments on the TLS-ECJ-PAKE draft:
https://tools.ietf.org/html/draft-cragie-tls-ecjpake-00 Some brief notes: * This intended status is informational. * The draft is based on TLS/DTLS 1.2 as the Thread group required basis on existing RFCs wherever possible. For that reason and due to the WGs focus on TLS 1.3, I have understood from the chairs that it would not have received a great deal of attention from the WG, hence the intended status of informational. * The draft reflects the current use of the TLS_ECJPAKE_WITH_AES_128_CCM_8 cipher suite in Thread (http://threadgroup.org/). * There is an experimental implementation in mbed TLS ( https://github.com/ARMmbed/mbedtls) * The Thread group would like to get IANA assignments for 4 cipher suite values and one ExtensionType value as soon as possible. * There are at least four independent implementations, which have been used in interop. testing over the last 18 months. * The security considerations recommend restriction of the use of this cipher suite to Thread and similar applications and recommends it should not be used with web browsers and servers (mainly due to the long discussions regarding the use of PAKEs on this and other mailing lists). Robert
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
