2.6.12 Transport Layer Security (tls)

Description of Working Group:

The TLS Working Group was established in 1996 to standardize a 'transport layer' security protocol. The working group began with SSL version 3.0, and in 1999, RFC 2246, TLS Protocol Version 1.0 was published as a Proposed Standard. The working group has also published RFC 2712, Addition of Kerberos Cipher Suites to Transport Layer Security (TLS) as a Proposed Standard, and two RFCs on the use of TLS with HTTP.

The primary purpose of the working group is to advance the TLS Protocol to Internet Standard. In addition, the working group will publish documents defining new ciphersuites for use with TLS as needed.

Goals and Milestones:

  Agreement on charter and issues in current draft.
  Final draft for Secure Transport Layer Protocol ('STLP')
  Working group 'Last Call'
  Submit to IESG for consideration as a Proposed Standard.
  Feb 01  First revised draft of TLS specification
  Jun 01  Submit specification to IESG for consideration as Draft Standard

Request For Comments:

  The TLS Protocol Version 1.0
  Addition of Kerberos Cipher Suites to Transport Layer Security (TLS)
  Upgrading to TLS Within HTTP/1.1


Current Meeting Report

Minutes of the TLS Working Group Meeting, August, 2001

The TLS working group met on Wednesday, August 8, 2001 at 1300-1500 at the 51st IETF meeting in London. The meeting was chaired by Win Treese (treese@acm.org). Minutes by Win Treese.


1. Review of agenda and current status (5 minutes)
2. Moving RFC 2246 to Draft Standard (10 minutes)
3. Other Proposals (30 minutes)
   - TLS Extensions
   - TLS Delegation Protocol
   - Using SRP for TLS Authentication
   - Putting extensions on TLS roadmap -- what version of TLS? when?
4. CipherSuites (1 hour)
   - AES Ciphersuites for TLS
   - ECC Cipher Suites For TLS
   - 56-bit Export Cipher Suites For TLS
   - Extensions to TLS for OpenPGP keys
   - Addition of MISTY1 to TLS
   - Addition of the Camellia Encryption Algorithm to TLS
   - Kerberos Cipher Suites in Transport Layer Security (TLS)
   - NTRU Cipher Suites for TLS
5. Open discussion (15 minutes): should the WG undertake to define a major revision to TLS? If so, what changes should we focus on?


Eric Rescorla (ekr@rtfm.com) has kindly agreed to work with Tim Dierks (Tim_Direrks@certicom.com) to edit RFC 2246 for advancement to Draft Standard. If you have any comments or suggestions for change, please send them to the list or to Eric, Tim, and Win.

There was some discussion over which ciphersuites should be specified in the next version. Should AES be included? Should the mandatory ciphersuite be changed? No decisions were taken.

Simon Blake-Wilson made a brief presentation on the TLS Extensions draft (draft-ietf-tls-extensions-00.txt). Slides from the presentation are available in the IETF meeting minutes or at http://www.treese.org/ietf-tls/meetings/2001-08/index.html. Simon's presentation listed some open questions that need to be resolved, which is the next order of business for this draft.

Doug Engert said a little about the TLS Delegation Protocol draft (draft-ietf-tls-delegation-01.txt), with more discussion to follow on the mailing list.

David Taylor, author of Using SRP for TLS Authentication (ietf-tls-srp-01.txt, ftp://ftp.ietf.org/internet-drafts/ietf-tls-srp-01.txt), was unable to attend the meeting, so discussion will take place on the mailing list.


The AES ciphersuite draft without OAEP will be put forward for Proposed Standard.

There was much discussion of whether the IANA should handle ciphersuite assignments, which Treese will discuss with them. There was also quite a bit of discussion about whether patented algorithms should be given RFCs of any kind for ciphersuite identifiers.

Treese made two proposals for the handling of future ciphersuite submissions:
1. New drafts specifying export-grade ciphersuites will not be accepted for publication as working group drafts
2. New drafts should specify temporary ciphersuite identifiers from the experimental range for the initial submission
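The two proposals above are about which code points a ciphersuite draft may claim and whether export-grade suites get published at all. As an added illustration (this is the editor's example, not code from the working group or from any draft), the following Python parses the cipher_suites vector out of a TLS 1.0 ClientHello and classifies each suite: export-grade suites by their RFC 2246 and 56-bit-draft names, and suites whose first byte is 0xFF as private/experimental, which is the range RFC 2246 Appendix A.5 reserves for local and experimental algorithms. The ClientHello is constructed inline; the AES code points are those of the AES ciphersuite draft (later RFC 3268), and the 0x0062/0x0064 values are the ones the 56-bit export draft used.

```python
import struct

# Cipher suite code points: RFC 2246 Appendix A.5, the AES draft (RFC 3268)
# and the 56-bit export draft. Only the entries needed for the demo.
SUITES = {
    0x0000: "TLS_NULL_WITH_NULL_NULL",
    0x0001: "TLS_RSA_WITH_NULL_MD5",
    0x0003: "TLS_RSA_EXPORT_WITH_RC4_40_MD5",
    0x0004: "TLS_RSA_WITH_RC4_128_MD5",
    0x0005: "TLS_RSA_WITH_RC4_128_SHA",
    0x0006: "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5",
    0x0008: "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA",
    0x0009: "TLS_RSA_WITH_DES_CBC_SHA",
    0x000A: "TLS_RSA_WITH_3DES_EDE_CBC_SHA",
    0x002F: "TLS_RSA_WITH_AES_128_CBC_SHA",
    0x0035: "TLS_RSA_WITH_AES_256_CBC_SHA",
    0x0062: "TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA",  # 56-bit export draft
    0x0064: "TLS_RSA_EXPORT1024_WITH_RC4_56_SHA",   # 56-bit export draft
}


def classify(suite):
    """Bucket a 16-bit cipher suite code point."""
    if suite >> 8 == 0xFF:            # RFC 2246 A.5: first byte 0xFF is private/experimental
        return "private-use"
    name = SUITES.get(suite)
    if name is None:
        return "unknown"
    if "EXPORT" in name:              # 40-bit and 56-bit export-grade suites
        return "export-grade"
    if "NULL" in name:
        return "null-cipher"
    return "ok"


def parse_client_hello(record):
    """Return (client_version, [cipher suites]) from a TLS record carrying a ClientHello.

    Layout per RFC 2246: record header (type, version, length), handshake header
    (type, 24-bit length), then client_version, random[32], session_id<0..32>,
    cipher_suites<2..2^16-1>, compression_methods<1..2^8-1>, optional extensions.
    """
    if len(record) < 5 or record[0] != 0x16:
        raise ValueError("not a handshake record")
    rec_len = struct.unpack("!H", record[3:5])[0]
    body = record[5:5 + rec_len]
    if len(body) != rec_len:
        raise ValueError("truncated record")
    if body[0] != 0x01:
        raise ValueError("not a ClientHello")
    hs_len = int.from_bytes(body[1:4], "big")
    hello = body[4:4 + hs_len]
    if len(hello) != hs_len:
        raise ValueError("truncated handshake message")
    version = (hello[0], hello[1])
    pos = 2 + 32                                  # client_version + random
    sid_len = hello[pos]
    pos += 1 + sid_len
    cs_len = struct.unpack("!H", hello[pos:pos + 2])[0]
    pos += 2
    if cs_len % 2 or pos + cs_len > len(hello):
        raise ValueError("bad cipher_suites length")
    suites = [struct.unpack("!H", hello[pos + i:pos + i + 2])[0] for i in range(0, cs_len, 2)]
    pos += cs_len
    comp_len = hello[pos]
    pos += 1 + comp_len
    ext = hello[pos:]                             # present only with the extensions draft
    if ext and struct.unpack("!H", ext[:2])[0] != len(ext) - 2:
        raise ValueError("bad extensions length")
    return version, suites


def build_client_hello(suites, session_id=b"", random_=bytes(32)):
    """Construct a TLS 1.0 ClientHello record offering the given suites (test input)."""
    body = b"\x03\x01" + random_ + bytes([len(session_id)]) + session_id
    body += struct.pack("!H", 2 * len(suites)) + b"".join(struct.pack("!H", s) for s in suites)
    body += b"\x01\x00"                           # one compression method: null
    hs = b"\x01" + len(body).to_bytes(3, "big") + body
    return b"\x16\x03\x01" + struct.pack("!H", len(hs)) + hs


def audit(record):
    """List (hex id, name, class) for every suite a ClientHello offers, in offered order."""
    _, suites = parse_client_hello(record)
    return [(f"0x{s:04X}", SUITES.get(s, "?"), classify(s)) for s in suites]


def offending(record):
    """Suites that should not be offered: export-grade, null-cipher or unknown."""
    return [h for h, _, c in audit(record) if c in ("export-grade", "null-cipher", "unknown")]


# Constructed sample: AES-128, 3DES, a 40-bit export suite, a 56-bit export suite,
# and an experimental code point from the private-use range.
SAMPLE_HELLO = build_client_hello([0x002F, 0x000A, 0x0003, 0x0062, 0xFF01])

if __name__ == "__main__":
    for entry in audit(SAMPLE_HELLO):
        print(*entry)
```

Running it over the constructed ClientHello reports AES-128 and 3DES as ok, the two export suites as export-grade, and 0xFF01 as private-use without claiming a name for it, which is exactly the distinction the second proposal relies on: a draft can exercise its suite under a 0xFF code point before a permanent identifier is assigned.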

Because the authors were not present, discussion of the draft for Kerberos Cipher Suites in Transport Layer Security (TLS) (draft-ietf-tls-kerb-00.txt) was deferred to the mailing list.

Pending discussion on the mailing list, the following drafts will be submitted as Informational RFCs:
- Addition of MISTY1 to TLS (draft-ietf-tls-misty1-01.txt)
- Addition of the Camellia Encryption Algorithm to TLS (draft-ietf-tls-camellia-01.txt)
- 56-bit Export Cipher Suites For TLS (draft-ietf-tls-56-bit-ciphersuites-01.txt)

The remaining drafts require further discussion on the mailing list.

Respectfully submitted,

Win Treese


