The most recent draft of the "Updates to the TLS Transport Model for SNMP" is now available at https://www.ietf.org/archive/id/draft-ietf-opsawg-tlstm-update-02.html.
This document is being developed by OPSAWG, but obviously relates to TLS so we would like to make sure that there is full awareness of this document within both groups before we start the process to finalize the document. This version reflects the discussions during IETF 113 and creates a TLSTM HashAlgorithm registry that will initially parallel the entries in the TLS (1.2) Hashing Algorithm Table. However, whereas TLS experts have expressed a desire to freeze the TLS Hashing Algorithm Table (to prevent new hashing algorithms from being used with TLS 1.2), the TLSTM HashAlgorithm registry will continue to add values as needed (so that the TLSTM fingerprint algorithm can still be used with minimal impact to existing code). We have also added the following two requirements to section 6 (IANA Considerations): - A new entry MUST be added to the TLSTM HashAlgorithm registry when new (D)TLS hashing algorithm are defined. - Any updates to the existing IANA TLS Hashing Algorithm Table MUST be consistent with the assignments in TLSTM HashAlgorithm registry (it is not expected that the TLS Hashing Algorithm Table will ever be updated, but the backwards compatibility of the standard is premised on this assumption so the constraint must be stated) Other changes include: Revised the title and abbreviation to be an update with no reference to TLS version number. Removed references to 1.3 except where needed Deleted paragraph regarding the terminology of "principle" as the term is not used. Removed double quotes around "obsolete" within SnmpTLSFingerprint DESCRIPTION clause. Revised text to use a consistent name for the proposed hash algorithm table (TLSTM HashAlgorithm Registry) Removed references not used in this document Removed appendix examples (i.e., the examples in RFC 6353 no longer need to change) The one change that was suggested and not implemented was a request to add additional hashing algorithms to the proposed table. I believe the proposal was to add the additional algorithms that are included in an INCOSE table (with newly assigned numbers). I searched for such a list but could not find one. Perhaps I misunderstood the source for this list? I am happy extend the list if someone can provide the correct reference. I believe this version is near final and I am notifying by both the OPSAWG and TLSWG to review to ensure that we have consensus. I welcome your inputs. Regards, Ken Vaughn Trevilon LLC 6606 FM 1488 RD #148-503 Magnolia, TX 77354 +1-936-647-1910 +1-571-331-5670 cell kvau...@trevilon.com www.trevilon.com > Begin forwarded message: > > From: internet-dra...@ietf.org > Subject: New Version Notification for draft-ietf-opsawg-tlstm-update-02.txt > Date: April 6, 2022 at 6:38:45 PM CDT > To: "Kenneth Vaughn" <kvau...@trevilon.com> > > > A new version of I-D, draft-ietf-opsawg-tlstm-update-02.txt > has been successfully submitted by Kenneth Vaughn and posted to the > IETF repository. > > Name: draft-ietf-opsawg-tlstm-update > Revision: 02 > Title: Updates to the TLS Transport Model for SNMP > Document date: 2022-04-06 > Group: opsawg > Pages: 30 > URL: > https://www.ietf.org/archive/id/draft-ietf-opsawg-tlstm-update-02.txt > Status: > https://datatracker.ietf.org/doc/draft-ietf-opsawg-tlstm-update/ > Html: > https://www.ietf.org/archive/id/draft-ietf-opsawg-tlstm-update-02.html > Htmlized: > https://datatracker.ietf.org/doc/html/draft-ietf-opsawg-tlstm-update > Diff: > https://www.ietf.org/rfcdiff?url2=draft-ietf-opsawg-tlstm-update-02 > > Abstract: > This document updates the TLS Transport Model (TLSTM), as defined in > RFC 6353, to reflect changes necessary to support Transport Layer > Security Version 1.3 (TLS) and Datagram Transport Layer Security > Version 1.3 (DTLS), which are jointly known as "(D)TLS". This > document is compatible with (D)TLS version 1.2 and is intended to be > compatible with future versions of SNMP and (D)TLS. > > This document updates the SNMP-TLS-TM-MIB as defined in RFC 6353. > > > > > The IETF Secretariat > > >
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
