This update includes recent feedback received on the list and GitHub. There are 
three major changes:

- Target KDFs instead of hash algorithms when importing external PSKs
- Add an opaque "context" slot to the ImportedIdentity struct and describe its 
use for Selfie mitigations
- Remove backwards compatibility ((D)TLS 1.2 and earlier) cruft

(There's a silly formatting issue with the KDF table. We'll fix that in the 
next version.)

Please have a look and provide feedback. PRs are welcome and highly encouraged.

Looking ahead, there is one outstanding PR [1] that needs discussion. It deviates 
from an original goal of the importer, which was to not make any changes to 
TLS. There's also an issue to better document the importer security 
requirements and goals [2]. We are working on analyzing the importer and should 
be complete before Singapore, at which point we'll update the draft again.

Best,
Chris (no hat)

On Wed, Oct 2, 2019, at 6:44 AM, internet-dra...@ietf.org wrote:
> 
> A New Internet-Draft is available from the on-line Internet-Drafts 
> directories.
> This draft is a work item of the Transport Layer Security WG of the IETF.
> 
>         Title           : Importing External PSKs for TLS
>         Authors         : David Benjamin
>                           Christopher A. Wood
>         Filename        : draft-ietf-tls-external-psk-importer-01.txt
>         Pages           : 9
>         Date            : 2019-10-02
> 
> Abstract:
>    This document describes an interface for importing external PSK (Pre-
>    Shared Key) into TLS 1.3.
> 
> 
> The IETF datatracker status page for this draft is:
> https://datatracker.ietf.org/doc/draft-ietf-tls-external-psk-importer/
> 
> There are also htmlized versions available at:
> https://tools.ietf.org/html/draft-ietf-tls-external-psk-importer-01
> https://datatracker.ietf.org/doc/html/draft-ietf-tls-external-psk-importer-01
> 
> A diff from the previous version is available at:
> https://www.ietf.org/rfcdiff?url2=draft-ietf-tls-external-psk-importer-01
> 
> 
> Please note that it may take a couple of minutes from the time of submission
> until the htmlized version and diff are available at tools.ietf.org.
> 
> Internet-Drafts are also available by anonymous FTP at:
> ftp://ftp.ietf.org/internet-drafts/
> 
> _______________________________________________
> TLS mailing list
> TLS@ietf.org
> https://www.ietf.org/mailman/listinfo/tls
>
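To make the two design points in the update above concrete (importing an external PSK against a target KDF rather than a hash, and binding an opaque context into the ImportedIdentity), here is an illustrative importer. It is added here and is not code from the draft or from either author. It follows the general shape of the importer as I understand it from the later revisions of this document (HKDF-Extract on the external PSK, then HKDF-Expand-Label bound to the hash of the serialized ImportedIdentity); the label string, the code points for target_protocol and target_kdf, the struct field order and the Selfie-oriented context scheme are all assumptions for the example, and the -01 text may differ in any of them.

```python
"""Illustrative external-PSK importer keyed by target KDF with a context slot.

Assumptions (not taken from the mailing-list page): TLS 1.3 HKDF-Expand-Label
per RFC 8446 section 7.1, the "derived psk" label, and the code points below.
"""
import hashlib
import hmac
import struct

# Assumed code points; an implementation must follow the draft's own KDF table.
TARGET_PROTOCOL_TLS13 = 0x0304
HKDF_SHA256 = 0x0001
HKDF_SHA384 = 0x0002
KDF_HASH = {HKDF_SHA256: hashlib.sha256, HKDF_SHA384: hashlib.sha384}


def hkdf_extract(hash_fn, salt, ikm):
    """HKDF-Extract (RFC 5869): PRK = HMAC-Hash(salt, IKM)."""
    return hmac.new(salt, ikm, hash_fn).digest()


def hkdf_expand(hash_fn, prk, info, length):
    """HKDF-Expand (RFC 5869): T(i) = HMAC-Hash(PRK, T(i-1) | info | i)."""
    out, block, counter = b"", b"", 1
    while len(out) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hash_fn).digest()
        out += block
        counter += 1
    return out[:length]


def hkdf_expand_label(hash_fn, secret, label, context, length):
    """HKDF-Expand-Label as in TLS 1.3: HkdfLabel = length, "tls13 " + label, context."""
    full_label = b"tls13 " + label
    hkdf_label = (struct.pack("!H", length)
                  + bytes([len(full_label)]) + full_label
                  + bytes([len(context)]) + context)
    return hkdf_expand(hash_fn, secret, hkdf_label, length)


def encode_imported_identity(external_identity, context, target_protocol, target_kdf):
    """Serialise ImportedIdentity: external_identity<1..2^16-1>, context<0..2^16-1>,
    uint16 target_protocol, uint16 target_kdf (field order assumed)."""
    if not 1 <= len(external_identity) <= 0xFFFF:
        raise ValueError("external_identity must be 1..2^16-1 bytes")
    if len(context) > 0xFFFF:
        raise ValueError("context must be at most 2^16-1 bytes")
    return (struct.pack("!H", len(external_identity)) + external_identity
            + struct.pack("!H", len(context)) + context
            + struct.pack("!HH", target_protocol, target_kdf))


def import_psk(epsk, external_identity, context, target_kdf,
               target_protocol=TARGET_PROTOCOL_TLS13):
    """Return (serialised ImportedIdentity, imported PSK) for one target KDF.

    The output length is the digest size of the KDF's hash, so the same EPSK
    yields a 32-byte key for HKDF_SHA256 and a 48-byte key for HKDF_SHA384.
    """
    hash_fn = KDF_HASH[target_kdf]  # KeyError for a KDF this importer does not support
    length = hash_fn().digest_size
    identity = encode_imported_identity(external_identity, context,
                                        target_protocol, target_kdf)
    epskx = hkdf_extract(hash_fn, b"\x00" * length, epsk)
    ipskx = hkdf_expand_label(hash_fn, epskx, b"derived psk",
                              hash_fn(identity).digest(), length)
    return identity, ipskx


def import_for_all_kdfs(epsk, external_identity, context):
    """Import one external PSK once per supported KDF, which is what a deployment
    does to offer the same EPSK under every cipher-suite hash it will use."""
    return {kdf: import_psk(epsk, external_identity, context, kdf) for kdf in KDF_HASH}


def selfie_scoped_context(initiator_identity, responder_identity):
    """One way to use the context slot against Selfie-style reflection: bind the
    (initiator, responder) pair into the derivation, so a party reflected onto
    itself derives a different imported PSK than the intended peer would.
    This encoding is an illustrative choice, not one the draft prescribes."""
    return b"initiator=" + initiator_identity + b";responder=" + responder_identity
```

Two properties are worth checking in any importer you ship: the imported keys for different target KDFs must be unrelated (here they are, because target_kdf is hashed into the label context and the extract/expand hash differs), and changing only the context must change the key, otherwise the context slot gives no Selfie protection at all.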
