| < draft-ietf-tls-rfc4492bis-14.txt | draft-ietf-tls-rfc4492bis-15.txt > | |||
|---|---|---|---|---|
| TLS Working Group Y. Nir | TLS Working Group Y. Nir | |||
| Internet-Draft Check Point | Internet-Draft Check Point | |||
| Obsoletes: 4492 (if approved) S. Josefsson | Obsoletes: 4492 (if approved) S. Josefsson | |||
| Intended status: Standards Track SJD AB | Intended status: Standards Track SJD AB | |||
| Expires: September 7, 2017 M. Pegourie-Gonnard | Expires: September 14, 2017 M. Pegourie-Gonnard | |||
| Independent / PolarSSL | Independent / PolarSSL | |||
| March 6, 2017 | March 13, 2017 | |||
| Elliptic Curve Cryptography (ECC) Cipher Suites for Transport Layer | Elliptic Curve Cryptography (ECC) Cipher Suites for Transport Layer | |||
| Security (TLS) Versions 1.2 and Earlier | Security (TLS) Versions 1.2 and Earlier | |||
| draft-ietf-tls-rfc4492bis-14 | draft-ietf-tls-rfc4492bis-15 | |||
| Abstract | Abstract | |||
| This document describes key exchange algorithms based on Elliptic | This document describes key exchange algorithms based on Elliptic | |||
| Curve Cryptography (ECC) for the Transport Layer Security (TLS) | Curve Cryptography (ECC) for the Transport Layer Security (TLS) | |||
| protocol. In particular, it specifies the use of Ephemeral Elliptic | protocol. In particular, it specifies the use of Ephemeral Elliptic | |||
| Curve Diffie-Hellman (ECDHE) key agreement in a TLS handshake and the | Curve Diffie-Hellman (ECDHE) key agreement in a TLS handshake and the | |||
| use of Elliptic Curve Digital Signature Algorithm (ECDSA) and Edwards | use of Elliptic Curve Digital Signature Algorithm (ECDSA) and Edwards | |||
| Digital Signature Algorithm (EdDSA) as authentication mechanisms. | Digital Signature Algorithm (EdDSA) as authentication mechanisms. | |||
| skipping to change at page 1, line 41 ¶ | skipping to change at page 1, line 41 ¶ | |||
| Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
| Task Force (IETF). Note that other groups may also distribute | Task Force (IETF). Note that other groups may also distribute | |||
| working documents as Internet-Drafts. The list of current Internet- | working documents as Internet-Drafts. The list of current Internet- | |||
| Drafts is at http://datatracker.ietf.org/drafts/current/. | Drafts is at http://datatracker.ietf.org/drafts/current/. | |||
| Internet-Drafts are draft documents valid for a maximum of six months | Internet-Drafts are draft documents valid for a maximum of six months | |||
| and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
| time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference | |||
| material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
| This Internet-Draft will expire on September 7, 2017. | This Internet-Draft will expire on September 14, 2017. | |||
| Copyright Notice | Copyright Notice | |||
| Copyright (c) 2017 IETF Trust and the persons identified as the | Copyright (c) 2017 IETF Trust and the persons identified as the | |||
| document authors. All rights reserved. | document authors. All rights reserved. | |||
| This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
| Provisions Relating to IETF Documents | Provisions Relating to IETF Documents | |||
| (http://trustee.ietf.org/license-info) in effect on the date of | (http://trustee.ietf.org/license-info) in effect on the date of | |||
| publication of this document. Please review these documents | publication of this document. Please review these documents | |||
| skipping to change at page 3, line 13 ¶ | skipping to change at page 3, line 13 ¶ | |||
| Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 33 | Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 33 | |||
| 1. Introduction | 1. Introduction | |||
| This document describes additions to TLS to support ECC, applicable | This document describes additions to TLS to support ECC, applicable | |||
| to TLS versions 1.0 [RFC2246], 1.1 [RFC4346], and 1.2 [RFC5246]. The | to TLS versions 1.0 [RFC2246], 1.1 [RFC4346], and 1.2 [RFC5246]. The | |||
| use of ECC in TLS 1.3 is defined in [I-D.ietf-tls-tls13], and is | use of ECC in TLS 1.3 is defined in [I-D.ietf-tls-tls13], and is | |||
| explicitly out of scope for this document. In particular, this | explicitly out of scope for this document. In particular, this | |||
| document defines: | document defines: | |||
| o the use of the Elliptic Curve Diffie-Hellman key agreement scheme | o the use of the ECDHE key agreement scheme with ephemeral keys to | |||
| with ephemeral keys to establish the TLS premaster secret, and | establish the TLS premaster secret, and | |||
| o the use of ECDSA certificates for authentication of TLS peers. | o the use of ECDSA and EdDSA signatures for authentication of TLS | |||
| peers. | ||||
| The remainder of this document is organized as follows. Section 2 | The remainder of this document is organized as follows. Section 2 | |||
| provides an overview of ECC-based key exchange algorithms for TLS. | provides an overview of ECC-based key exchange algorithms for TLS. | |||
| Section 3 describes the use of ECC certificates for client | Section 3 describes the use of ECC certificates for client | |||
| authentication. TLS extensions that allow a client to negotiate the | authentication. TLS extensions that allow a client to negotiate the | |||
| use of specific curves and point formats are presented in Section 4. | use of specific curves and point formats are presented in Section 4. | |||
| Section 5 specifies various data structures needed for an ECC-based | Section 5 specifies various data structures needed for an ECC-based | |||
| handshake, their encoding in TLS messages, and the processing of | handshake, their encoding in TLS messages, and the processing of | |||
| those messages. Section 6 defines ECC-based cipher suites and | those messages. Section 6 defines ECC-based cipher suites and | |||
| identifies a small subset of these as recommended for all | identifies a small subset of these as recommended for all | |||
| End of changes. 5 change blocks. | ||||
| 7 lines changed or deleted | 8 lines changed or added | |||
This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ | ||||