| < draft-ietf-tls-rfc4492bis-06.txt | draft-ietf-tls-rfc4492bis-07.txt > | |||
|---|---|---|---|---|
| TLS Working Group Y. Nir | TLS Working Group Y. Nir | |||
| Internet-Draft Check Point | Internet-Draft Check Point | |||
| Obsoletes: 4492 (if approved) S. Josefsson | Obsoletes: 4492 (if approved) S. Josefsson | |||
| Intended status: Standards Track SJD AB | Intended status: Standards Track SJD AB | |||
| Expires: August 5, 2016 M. Pegourie-Gonnard | Expires: September 23, 2016 M. Pegourie-Gonnard | |||
| Independent / PolarSSL | Independent / PolarSSL | |||
| February 2, 2016 | March 22, 2016 | |||
| Elliptic Curve Cryptography (ECC) Cipher Suites for Transport Layer | Elliptic Curve Cryptography (ECC) Cipher Suites for Transport Layer | |||
| Security (TLS) Versions 1.2 and Earlier | Security (TLS) Versions 1.2 and Earlier | |||
| draft-ietf-tls-rfc4492bis-06 | draft-ietf-tls-rfc4492bis-07 | |||
| Abstract | Abstract | |||
| This document describes key exchange algorithms based on Elliptic | This document describes key exchange algorithms based on Elliptic | |||
| Curve Cryptography (ECC) for the Transport Layer Security (TLS) | Curve Cryptography (ECC) for the Transport Layer Security (TLS) | |||
| protocol. In particular, it specifies the use of Ephemeral Elliptic | protocol. In particular, it specifies the use of Ephemeral Elliptic | |||
| Curve Diffie-Hellman (ECDHE) key agreement in a TLS handshake and the | Curve Diffie-Hellman (ECDHE) key agreement in a TLS handshake and the | |||
| use of Elliptic Curve Digital Signature Algorithm (ECDSA) and Edwards | use of Elliptic Curve Digital Signature Algorithm (ECDSA) and Edwards | |||
| Digital Signature Algorithm (EdDSA) as new authentication mechanisms. | Digital Signature Algorithm (EdDSA) as new authentication mechanisms. | |||
| skipping to change at page 1, line 39 ¶ | skipping to change at page 1, line 39 ¶ | |||
| Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
| Task Force (IETF). Note that other groups may also distribute | Task Force (IETF). Note that other groups may also distribute | |||
| working documents as Internet-Drafts. The list of current Internet- | working documents as Internet-Drafts. The list of current Internet- | |||
| Drafts is at http://datatracker.ietf.org/drafts/current/. | Drafts is at http://datatracker.ietf.org/drafts/current/. | |||
| Internet-Drafts are draft documents valid for a maximum of six months | Internet-Drafts are draft documents valid for a maximum of six months | |||
| and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
| time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference | |||
| material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
| This Internet-Draft will expire on August 5, 2016. | This Internet-Draft will expire on September 23, 2016. | |||
| Copyright Notice | Copyright Notice | |||
| Copyright (c) 2016 IETF Trust and the persons identified as the | Copyright (c) 2016 IETF Trust and the persons identified as the | |||
| document authors. All rights reserved. | document authors. All rights reserved. | |||
| This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
| Provisions Relating to IETF Documents | Provisions Relating to IETF Documents | |||
| (http://trustee.ietf.org/license-info) in effect on the date of | (http://trustee.ietf.org/license-info) in effect on the date of | |||
| publication of this document. Please review these documents | publication of this document. Please review these documents | |||
| skipping to change at page 10, line 33 ¶ | skipping to change at page 10, line 33 ¶ | |||
| below is still named NamedCurve) for use in TLS. Only three have | below is still named NamedCurve) for use in TLS. Only three have | |||
| seen much use. This specification is deprecating the rest (with | seen much use. This specification is deprecating the rest (with | |||
| numbers 1-22). This specification also deprecates the explicit | numbers 1-22). This specification also deprecates the explicit | |||
| curves with identifiers 0xFF01 and 0xFF02. It also adds the new | curves with identifiers 0xFF01 and 0xFF02. It also adds the new | |||
| curves defined in [RFC7748] and [CFRG-EdDSA]. The end result is as | curves defined in [RFC7748] and [CFRG-EdDSA]. The end result is as | |||
| follows: | follows: | |||
| enum { | enum { | |||
| deprecated(1..22), | deprecated(1..22), | |||
| secp256r1 (23), secp384r1 (24), secp521r1 (25), | secp256r1 (23), secp384r1 (24), secp521r1 (25), | |||
| ecdh_x25519(TBD1), ecdh_x448(TBD2), | ecdh_x25519(29), ecdh_x448(30), | |||
| eddsa_ed25519(TBD3), eddsa_ed448(TBD4), | eddsa_ed25519(TBD3), eddsa_ed448(TBD4), | |||
| reserved (0xFE00..0xFEFF), | reserved (0xFE00..0xFEFF), | |||
| deprecated(0xFF01..0xFF02), | deprecated(0xFF01..0xFF02), | |||
| (0xFFFF) | (0xFFFF) | |||
| } NamedCurve; | } NamedCurve; | |||
| Note that other specification have since added other values to this | Note that other specification have since added other values to this | |||
| enumeration. | enumeration. | |||
| secp256r1, etc: Indicates support of the corresponding named curve or | secp256r1, etc: Indicates support of the corresponding named curve or | |||
| skipping to change at page 11, line 9 ¶ | skipping to change at page 11, line 9 ¶ | |||
| curves are also recommended in ANSI X9.62 [ANSI.X9-62.2005] and FIPS | curves are also recommended in ANSI X9.62 [ANSI.X9-62.2005] and FIPS | |||
| 186-4 [FIPS.186-4]. ecdh_x25519 and ecdh_x448 are defined in | 186-4 [FIPS.186-4]. ecdh_x25519 and ecdh_x448 are defined in | |||
| [RFC7748]. eddsa_ed25519 and eddsa_ed448 are signature-only curves | [RFC7748]. eddsa_ed25519 and eddsa_ed448 are signature-only curves | |||
| defined in [CFRG-EdDSA]. Values 0xFE00 through 0xFEFF are reserved | defined in [CFRG-EdDSA]. Values 0xFE00 through 0xFEFF are reserved | |||
| for private use. | for private use. | |||
| The NamedCurve name space is maintained by IANA. See Section 8 for | The NamedCurve name space is maintained by IANA. See Section 8 for | |||
| information on how new value assignments are added. | information on how new value assignments are added. | |||
| struct { | struct { | |||
| NamedCurve elliptic_curve_list<1..2^16-1> | NamedCurve elliptic_curve_list<2..2^16-1> | |||
| } EllipticCurveList; | } EllipticCurveList; | |||
| Items in elliptic_curve_list are ordered according to the client's | Items in elliptic_curve_list are ordered according to the client's | |||
| preferences (favorite choice first). | preferences (favorite choice first). | |||
| As an example, a client that only supports secp256r1 (aka NIST P-256; | As an example, a client that only supports secp256r1 (aka NIST P-256; | |||
| value 23 = 0x0017) and secp384r1 (aka NIST P-384; value 24 = 0x0018) | value 23 = 0x0017) and secp384r1 (aka NIST P-384; value 24 = 0x0018) | |||
| and prefers to use secp256r1 would include a TLS extension consisting | and prefers to use secp256r1 would include a TLS extension consisting | |||
| of the following octets. Note that the first two octets indicate the | of the following octets. Note that the first two octets indicate the | |||
| extension type (Supported Elliptic Curves Extension): | extension type (Supported Elliptic Curves Extension): | |||
| skipping to change at page 27, line 5 ¶ | skipping to change at page 27, line 5 ¶ | |||
| values (ECPointFormat and ECCurveType) reserved for Private Use. The | values (ECPointFormat and ECCurveType) reserved for Private Use. The | |||
| policy for any additional assignments is "Specification Required". | policy for any additional assignments is "Specification Required". | |||
| The previous version of this document required IETF review. | The previous version of this document required IETF review. | |||
| NOTE: IANA, please update the registries to reflect the new policy. | NOTE: IANA, please update the registries to reflect the new policy. | |||
| NOTE: RFC editor please delete these two notes prior to publication. | NOTE: RFC editor please delete these two notes prior to publication. | |||
| IANA, please update these two registries to refer to this document. | IANA, please update these two registries to refer to this document. | |||
| IANA is requested to assign four values from the NamedCurve registry | IANA is requested to assign two values from the NamedCurve registry | |||
| with names ecdh_x25519(TBD1), ecdh_x448(TBD2), eddsa_ed25519(TBD3) | with names eddsa_ed25519(TBD3) and eddsa_ed448(TBD4) with this | |||
| and eddsa_ed448(TBD4) with this document as reference. | document as reference. IANA has already assigned the value 29 to | |||
| ecdh_x25519, and the value 30 to ecdh_x448(TBD2). | ||||
| IANA is requested to assign one value from SignatureAlgorithm | IANA is requested to assign one value from SignatureAlgorithm | |||
| Registry with name eddsa(TBD5) with this document as reference. | Registry with name eddsa(TBD5) with this document as reference. | |||
| 9. Acknowledgements | 9. Acknowledgements | |||
| Most of the text is this document is taken from [RFC4492], the | Most of the text is this document is taken from [RFC4492], the | |||
| predecessor of this document. The authors of that document were: | predecessor of this document. The authors of that document were: | |||
| o Simon Blake-Wilson | o Simon Blake-Wilson | |||
| End of changes. 7 change blocks. | ||||
| 9 lines changed or deleted | 10 lines changed or added | |||
This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/
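
Review bot: in the EllipticCurveList change block (page 11), the new floor in `elliptic_curve_list<2..2^16-1>` is a length in octets, not a count of curves, and nothing in the surrounding text says so. The example that follows gives each NamedCurve as a two-octet value (23 = 0x0017), so the floor of 2 means "at least one curve". I would add a sentence stating that the list must contain at least one NamedCurve, and that a receiver should treat a zero or odd list length as a decoding error.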
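
Review bot: in the IANA change block (page 27), the new sentence "and the value 30 to ecdh_x448(TBD2)" still carries the "(TBD2)" placeholder although the value has been assigned, which contradicts the enum on page 10 where the -07 side already reads `ecdh_x448(30)`. Drop "(TBD2)" so the sentence ends "and the value 30 to ecdh_x448." The remaining TBD3, TBD4 and TBD5 placeholders are consistent with the text, which still requests those assignments.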