Transport Layer Security (tls)

Last Modified: 2009-02-04

Additional information is available at tools.ietf.org/wg/tls

Chair(s):

  • Eric Rescorla <ekr@networkresonance.com>

  • Joseph Salowey <jsalowey@cisco.com>

    Security Area Director(s):

  • Tim Polk <tim.polk@nist.gov>
  • Pasi Eronen <pasi.eronen@nokia.com>

    Security Area Advisor:

  • Pasi Eronen <pasi.eronen@nokia.com>

    Technical Advisor(s):

  • Allison Mankin <mankin@psg.com>

    Mailing Lists:

    General Discussion: tls@ietf.org
    To Subscribe: https://www.ietf.org/mailman/listinfo/tls
    Archive: http://www.ietf.org/mail-archive/web/tls/current/maillist.html

    Description of Working Group:

    The TLS Working Group was established in 1996 to standardize a
    'transport layer' security protocol. The working group began with SSL
    version 3.0. The TLS Working Group has completed a series of
    specifications that describe the Transport Layer Security protocol
    versions 1.0 and 1.1, extensions to the protocol, and new
    ciphersuites to be used with TLS.

    The primary goal of the WG is to publish a revision of TLS, version
    1.2, that removes the protocol's dependency on the MD5 and SHA-1 digest
    algorithms, which have been either wholly or partially compromised by
    recent research. The TLS WG will also work on new authenticated
    encryption modes for TLS, including modes based on counter mode
    encryption (CTR) and combined encryption/authentication modes, and
    may define major new cipher suites for TLS for this purpose. In the
    preparation of TLS 1.2, the WG will attempt to avoid gratuitous
    changes to TLS 1.1.

    Goals and Milestones:

    Done  Agreement on charter and issues in current draft.
    Done  Final draft for Secure Transport Layer Protocol ('STLP')
    Done  Working group 'Last Call'
    Done  Submit to IESG for consideration as a Proposed Standard.
    Done  First revised draft of TLS specification
    Done  TSL 1.1 Specification
    Done  First draft of TLS 1.2 specification, including CTR mode cipher suites
    Done  First draft of specification for cipher suites with combined encryption/authentication modes
    Dec 2006  Submit specification of TLS 1.2 specification to IESG for publication as Proposed Standard
    Dec 2006  Submit specification of cipher suites with combined encryption/authentication modes to IESG for publication, with at least one of these suites to be Proposed Standard

    Internet-Drafts:

    Transport Layer Security (TLS) Extensions: Extension Definitions (50900 bytes)
    Keying Material Extractors for Transport Layer Security (TLS) (15068 bytes)
    ECDHE_PSK Ciphersuites for Transport Layer Security (TLS) (16649 bytes)
    Pre-Shared Key Cipher Suites for Transport Layer Security (TLS) with SHA-256/384 and AES Galois Counter Mode (18305 bytes)
    Datagram Transport Layer Security version 1.2 (61537 bytes)

    Request For Comments:

    The TLS Protocol Version 1.0 (RFC 2246) (170401 bytes) obsoleted by RFC 4346/ updated by RFC 3546
    Addition of Kerberos Cipher Suites to Transport Layer Security (TLS) (RFC 2712) (13763 bytes)
    Upgrading to TLS Within HTTP/1.1 (RFC 2817) (27598 bytes) updates RFC 2616
    HTTP Over TLS (RFC 2818) (15170 bytes)
    AES Ciphersuites for TLS (RFC 3268) (13530 bytes) obsoleted by RFC 5246
    Transport Layer Security (TLS) Extensions (RFC 3546) (63437 bytes) updates RFC 2246
    Transport Layer Security Protocol Compression Methods (RFC 3749) (16411 bytes)
    Addition of Camellia Cipher Suites to Transport Layer Security (TLS) (RFC 4132) (13590 bytes)
    Pre-Shared Key Ciphersuites for Transport Layer Security (TLS) (RFC 4279) (32160 bytes)
    The The Transport Layer Security (TLS) Protocol Version 1.1 (RFC 4346) (187041 bytes) obsoletes RFC 2246/ obsoleted by RFC 5246/ updated by RFC 4680,RFC 4681
    Transport Layer Security (TLS) Extensions (RFC 4366) (66040 bytes) obsoleted by RFC 5246
    Elliptic Curve Cryptography (ECC) Cipher Suites for Transport Layer Security (TLS) (RFC 4492) (72231 bytes) updated by RFC 5246
    Pre-Shared Key (PSK) Cipher Suites with NULL Encryption for Transport Layer Security (TLS) (RFC 4785) (9550 bytes)
    Using OpenPGP keys for TLS authentication (RFC 5081) (15300 bytes)
    Using the Secure Remote Password (SRP) Protocol for TLS Authentication (RFC 5054) (44445 bytes)
    The Transport Layer Security (TLS) Protocol Version 1.2 (RFC 5246) (222395 bytes) obsoletes RFC 3268,RFC 4346,RFC 4366/ updates RFC 4492
    AES Galois Counter Mode (GCM) Cipher Suites for TLS (RFC 5288) (16468 bytes)
    TLS Elliptic Curve Cipher Suites with SHA-256/384 and AES Galois Counter Mode (GCM) (RFC 5289) (12195 bytes)
    DES and IDEA Cipher Suites for Transport Layer Security (TLS) (RFC 5469) (0 bytes)
    IETF Secretariat - Please send questions, comments, and/or suggestions to ietf-web@ietf.org.

    Return to working group directory.

    Return to IETF home page.