The IESG has approved the following document: - 'Guidance for External PSK Usage in TLS' (draft-ietf-tls-external-psk-guidance-05.txt) as Informational RFC
This document is the product of the Transport Layer Security Working Group. The IESG contact persons are Benjamin Kaduk and Roman Danyliw. A URL of this Internet Draft is: https://datatracker.ietf.org/doc/draft-ietf-tls-external-psk-guidance/ Technical Summary This document was born from a DT (Design Team) formed after discussions at IETF 106 about draft-ietf-tls-external-psk-importer made it clear that some guidance was needed with respect to PSK (Pre-Shared Key) usage. It summarizes known use cases and risks, and offers guidance on using PSKs securely in TLS. Working Group Summary The DT was comprised of the following participants: Benjamin Beurdouche, Bjoern Haase, Christopher Wood, Colm MacCarthaigh, Eric Rescorla, Jonathan Hoyland, Martin Thomson, Mohamad Badra, Mohit Sethi, Oleg Pekar, Owen Friel, and Russ Housley. In addition to this powerhouse DT providing input on the original version of the document, the document was also reviewed by the following people: Scott Hollenbeck, Jim Schaad, Carrick Bartle, Watson Ladd, John Mattsson, Ben Smyth, and Jonathan Hammell. The Shepherd has no concerns whatsoever about the breadth and depth of reviews. The DT’s output was presented at a virtual interim meeting. The remainder of the discussion occurred on the list. Document Quality The document does not specify a protocol per se, but it has been well reviewed and implementations either implement the guidance or allow library consumers to do so directly. Personnel Sean Turner is the document Shepherd. Ben Kaduk is the responsible Area Director. _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
