Transport Layer Security (tls)

Last Modified: 2007-10-01

Additional information is available at tools.ietf.org/wg/tls

Chair(s):

  • Eric Rescorla <ekr@networkresonance.com>

  • Pasi Eronen <pasi.eronen@nokia.com>

    Security Area Director(s):

  • Tim Polk <tim.polk@nist.gov>
  • Sam Hartman <hartmans-ietf@mit.edu>

    Security Area Advisor:

  • Tim Polk <tim.polk@nist.gov>

    Technical Advisor(s):

  • Allison Mankin <mankin@psg.com>

    Mailing Lists:

    General Discussion: tls@ietf.org
    To Subscribe: https://www1.ietf.org/mailman/listinfo/tls
    Archive: http://www.ietf.org/mail-archive/web/tls/current/index.html

    Description of Working Group:

    The TLS Working Group was established in 1996 to standardize a
    'transport layer' security protocol. The working group began with SSL
    version 3.0. The TLS Working Group has completed a series of
    specifications that describe the Transport Layer Security protocol
    versions 1.0 and 1.1, extensions to the protocol, and new
    ciphersuites to be used with TLS.

    The primary goal of the WG is to publish a revision of TLS, version
    1.2, that removes the protocol's dependency on the MD5 and SHA-1 digest
    algorithms, which have been either wholly or partially compromised by
    recent research. The TLS WG will also work on new authenticated
    encryption modes for TLS, including modes based on counter mode
    encryption (CTR) and combined encryption/authentication modes, and
    may define major new cipher suites for TLS for this purpose. In the
    preparation of TLS 1.2, the WG will attempt to avoid gratuitous
    changes to TLS 1.1.

    Goals and Milestones:

    Done  Agreement on charter and issues in current draft.
    Done  Final draft for Secure Transport Layer Protocol ('STLP')
    Done  Working group 'Last Call'
    Done  Submit to IESG for consideration as a Proposed Standard.
    Done  First revised draft of TLS specification
    Done  TLS 1.1 Specification
    Done  First draft of TLS 1.2 specification, including CTR mode cipher suites
    Done  First draft of specification for cipher suites with combined encryption/authentication modes
    Dec 2006  Submit TLS 1.2 specification to IESG for publication as Proposed Standard
    Dec 2006  Submit specification of cipher suites with combined encryption/authentication modes to IESG for publication, with at least one of these suites to be Proposed Standard

    Internet-Drafts:

    The Transport Layer Security (TLS) Protocol Version 1.2 (222961 bytes)
    TLS Elliptic Curve Cipher Suites with SHA-256/384 and AES Galois Counter Mode (16297 bytes)
    AES-GCM Cipher Suites for TLS (18231 bytes)
    Transport Layer Security (TLS) Extensions: Extension Definitions (44378 bytes)
    Keying Material Extractors for Transport Layer Security (TLS) (10470 bytes)
    ECDHE_PSK Ciphersuites for Transport Layer Security (TLS) (11309 bytes)

    Request For Comments:

    The TLS Protocol Version 1.0 (RFC 2246) (0 bytes) obsoleted by RFC 4346/ updated by RFC 3546
    Addition of Kerberos Cipher Suites to Transport Layer Security (TLS) (RFC 2712) (0 bytes)
    Upgrading to TLS Within HTTP/1.1 (RFC 2817) (0 bytes) updates RFC 2616
    HTTP Over TLS (RFC 2818) (0 bytes)
    AES Ciphersuites for TLS (RFC 3268) (0 bytes)
    Transport Layer Security (TLS) Extensions (RFC 3546) (0 bytes) updates RFC 2246
    Transport Layer Security Protocol Compression Methods (RFC 3749) (0 bytes)
    Addition of Camellia Cipher Suites to Transport Layer Security (TLS) (RFC 4132) (0 bytes)
    Pre-Shared Key Ciphersuites for Transport Layer Security (TLS) (RFC 4279) (0 bytes)
    The Transport Layer Security (TLS) Protocol Version 1.1 (RFC 4346) (0 bytes) obsoletes RFC 2246/ updated by RFC 4680, RFC 4681
    Transport Layer Security (TLS) Extensions (RFC 4366) (0 bytes)
    Elliptic Curve Cryptography (ECC) Cipher Suites for Transport Layer Security (TLS) (RFC 4492) (0 bytes)
    Pre-Shared Key (PSK) Cipher Suites with NULL Encryption for Transport Layer Security (TLS) (RFC 4785) (0 bytes)
    Using OpenPGP keys for TLS authentication (RFC 5081) (0 bytes)
    Using the Secure Remote Password (SRP) Protocol for TLS Authentication (RFC 5054) (0 bytes)
