Internet-Draft draft-ietf-tls-extended-key-update-04.txt is now available. It
is a work item of the Transport Layer Security (TLS) WG of the IETF.

   Title:   Extended Key Update for Transport Layer Security (TLS) 1.3
   Authors: Hannes Tschofenig
            Michael Tüxen
            Tirumaleswar Reddy
            Steffen Fries
            Yaroslav Rosomakho
   Name:    draft-ietf-tls-extended-key-update-04.txt
   Pages:   16
   Dates:   2025-03-03

Abstract:

   The Transport Layer Security (TLS) 1.3 specification provides forward
   secrecy by utilizing an ephemeral key exchange during the initial
   handshake.  Forward secrecy ensures that even if an attacker later
   obtains a party's long-term private key, past encrypted sessions
   cannot be decrypted.  This protects against adversaries who record
   encrypted conversations in the hope of decrypting them later.

   TLS 1.3 also includes a Key Update mechanism, allowing cryptographic
   keys to be refreshed during an ongoing session.  However, this update
   does not establish new forward-secret key material.  While this is
   generally not an issue for short-lived sessions, it can pose a
   security risk for long-lived connections, such as those in industrial
   IoT or telecommunication networks, where an attacker could compromise
   application traffic secrets after the initial handshake.

   Earlier versions of TLS supported session renegotiation, a mechanism
   that allowed peers to establish new cryptographic parameters within
   an existing session.  This included the ability to update the
   originally used long-term keys (certificates) with renewed
   credentials.  However, due to security vulnerabilities, the
   renegotiation mechanism was modified via RFC 5746 and later removed
   entirely in TLS 1.3, leaving a gap in TLS's ability to refresh
   cryptographic material securely.

   This specification introduces an extended key update mechanism that
   supports forward secrecy, forcing attackers to continuously
   exfiltrate key material throughout the session to decrypt the entire
   conversation.

The IETF datatracker status page for this Internet-Draft is:
https://datatracker.ietf.org/doc/draft-ietf-tls-extended-key-update/

There is also an HTML version available at:
https://www.ietf.org/archive/id/draft-ietf-tls-extended-key-update-04.html

A diff from the previous version is available at:
https://author-tools.ietf.org/iddiff?url2=draft-ietf-tls-extended-key-update-04

Internet-Drafts are also available by rsync at:
rsync.ietf.org::internet-drafts
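
The limitation described in the abstract's second paragraph, as an added example that is not part of this announcement or of the draft: under RFC 8446, Section 7.2, each Key Update derives the next application traffic secret from the current one alone, so a secret disclosed at one generation yields every later generation. The SHA-256 suite, the random stand-in for the initial secret and all function names are assumptions made for the illustration.

```python
import hashlib
import hmac
import os

HASH = hashlib.sha256            # assumption: a SHA-256 based cipher suite
HASH_LEN = HASH().digest_size

def hkdf_expand(prk: bytes, info: bytes, length: int) -> bytes:
    """HKDF-Expand as defined in RFC 5869."""
    out, block, counter = b"", b"", 1
    while len(out) < length:
        block = hmac.new(prk, block + info + bytes([counter]), HASH).digest()
        out += block
        counter += 1
    return out[:length]

def hkdf_expand_label(secret: bytes, label: str, context: bytes, length: int) -> bytes:
    """HKDF-Expand-Label as defined in RFC 8446, Section 7.1."""
    full_label = b"tls13 " + label.encode("ascii")
    info = (length.to_bytes(2, "big")
            + bytes([len(full_label)]) + full_label
            + bytes([len(context)]) + context)
    return hkdf_expand(secret, info, length)

def next_traffic_secret(secret: bytes) -> bytes:
    """RFC 8446, Section 7.2: application_traffic_secret_N+1 from _N."""
    return hkdf_expand_label(secret, "traffic upd", b"", HASH_LEN)

def ratchet(secret: bytes, updates: int) -> list[bytes]:
    """Return the secrets for generations N+1 .. N+updates."""
    chain = []
    for _ in range(updates):
        secret = next_traffic_secret(secret)   # no fresh key exchange input
        chain.append(secret)
    return chain

def demo() -> bool:
    # Constructed sample: random stand-in for application_traffic_secret_0.
    secret_0 = os.urandom(HASH_LEN)
    endpoint_chain = ratchet(secret_0, 5)      # generations 1..5 on the endpoint
    leaked = endpoint_chain[1]                 # generation 2 is disclosed
    recomputed = ratchet(leaked, 3)            # generations 3, 4, 5 from the leak
    return recomputed == endpoint_chain[2:]

if __name__ == "__main__":
    print("later generations follow from one disclosed secret:", demo())
```

Earlier generations are not recoverable this way because the derivation is one-way; the exposure is entirely forward in time, which is the gap for long-lived connections.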

