The Transport Layer Security (TLS) Protocol Version 1.2
draft-ietf-tls-rfc4346-bis-10
Revision differences
Document history
Date | Rev. | By | Action |
---|---|---|---|
2008-08-07
|
(System) | Posted related IPR disclosure: Eric Rescorla's Statement about IPR related to RFC 2246, RFC 4346, and draft-ietf-tls-rfc4346-bis-10 belonging to Netscape (now AOL) | |
2008-04-16
|
10 | (System) | IANA Action state changed to RFC-Ed-Ack from Waiting on RFC Editor |
2008-04-15
|
10 | (System) | IANA Action state changed to Waiting on RFC Editor from In Progress |
2008-04-15
|
10 | (System) | IANA Action state changed to In Progress from Waiting on Authors |
2008-04-15
|
10 | (System) | IANA Action state changed to Waiting on Authors from In Progress |
2008-04-14
|
10 | (System) | IANA Action state changed to In Progress from Waiting on Authors |
2008-04-03
|
10 | (System) | IANA Action state changed to Waiting on Authors from In Progress |
2008-04-01
|
10 | (System) | IANA Action state changed to In Progress |
2008-03-27
|
10 | Cindy Morgan | State Changes to RFC Ed Queue from Approved-announcement sent by Cindy Morgan |
2008-03-27
|
10 | Amy Vezza | IESG state changed to Approved-announcement sent |
2008-03-27
|
10 | Amy Vezza | IESG has approved the document |
2008-03-27
|
10 | Amy Vezza | Closed "Approve" ballot |
2008-03-26
|
10 | (System) | New version available: draft-ietf-tls-rfc4346-bis-10.txt |
2008-03-07
|
10 | (System) | Removed from agenda for telechat - 2008-03-06 |
2008-03-06
|
10 | Amy Vezza | State Changes to Approved-announcement to be sent::Point Raised - writeup needed from IESG Evaluation by Amy Vezza |
2008-03-06
|
10 | Ross Callon | [Ballot Position Update] New position, No Objection, has been recorded by Ross Callon |
2008-03-06
|
10 | Lisa Dusseault | [Ballot Position Update] New position, No Objection, has been recorded by Lisa Dusseault |
2008-03-06
|
10 | Dan Romascanu | [Ballot Position Update] New position, No Objection, has been recorded by Dan Romascanu |
2008-03-06
|
10 | Jon Peterson | [Ballot Position Update] New position, No Objection, has been recorded by Jon Peterson |
2008-03-06
|
10 | Chris Newman | [Ballot comment] As this is a critical IETF standard for application protocols, I have reviewed it in depth. While the protocol is more complex then … [Ballot comment] As this is a critical IETF standard for application protocols, I have reviewed it in depth. While the protocol is more complex then I might wish, it takes an appropriate compromise between the necessary hash agility to future-proof TLS, backwards compatibility with previous TLS versions and simplicity. I consider this revision an important and necessary step forward for TLS. I am aware of TLS interoperability problems with wildcard server certificates and client certificates used by application protocols. This specification chooses to avoid all issues of application use of TLS. After a discussion with Ekr, I believe this is best addressed by an "application use of TLS" BCP rather than delaying this document. I have a number of minor comments and it is my belief a revision of the document addressing some or all of my comments would improve the document's value sufficiently to merit the delay. I don't consider any of these discuss-level blocking comments, however. Section 4.7: The acronym "DER" is first used in the context of a normative reference to RFC 3447 (PKCS#1). However, RFC 3447 does not define nor provide a direct reference to either DER or ASN.1, although those are normative to implementing this portion of TLS (given the "MUST"). I suggest adding normative references to ASN.1/DER and/or expanding the "DER" acronym on first use. A previous RFC that normatively referenced RFC 3447 was RFC 4556 and it included the following normative references: [X680] ITU-T Recommendation X.680 (2002) | ISO/IEC 8824-1:2002, Information technology - Abstract Syntax Notation One (ASN.1): Specification of basic notation. [X690] ITU-T Recommendation X.690 (2002) | ISO/IEC 8825-1:2002, Information technology - ASN.1 encoding Rules: Specification of Basic Encoding Rules (BER), Canonical Encoding Rules (CER) and Distinguished Encoding Rules (DER). Section 6.2.2: While RFC 3749 (TLS Compression) is referenced from the IANA considerations section, it would also be helpful to implementers to reference it from the compression section 6.2.2. It's fine as an informative reference. Section 6.2.3.1, last paragraph, last sentence: This sentence: > TLSCiphertext.length is TLSCompressed.length plus > SecurityParameters.mac_length. doesn't have a clear context (it's not clear if it refers to the null cipher, stream cipher, both or all ciphers). I suggest clairifying this similar to the equivalent statement in the next section: The null or stream cipher length (TLSCiphertext.length) is TLSCompressed.length plus SecurityParameters.mac_length. Section 7.4.1.2, page 40 "session_id": > The ID of a session the client wishes to use for this connection. > This field is empty if no session_id is available, or it the s/it/if/ Section 7.4.1.2, page 40 "extensions": > Clients MAY request extended functionality from servers by sending > data in the extensions Here the new "extensions" field contains a > list of extensions. This needs rewording. Section 7.4.1.3, "session_id" last sentence: > session_id. Client MUST be prepared to do a full negotiation -- s/Client/Clients/ Section 7.4.1.4: > signature_algorithms(TBD-BY-IANA), (65535) I suggest an explicit note to RFC editor to make sure this occurrance of TBD-BY-IANA is changed to the registered number. Alternatively, the text in section 12 should specifically mention this item in this section needs to be replaced by the registered number. Section 7.4.1.4.1, "signature": > This field indicates the signature algorithm which may be used. > The values indicate anonymous signatures, RSASSA-PKCS1-v1_5 > [PKCS1] and DSA [DSS] respectively. This sentence is missing a reference for ECDSA. Section 7.4.1.4.1: > cipher suite indicates permissible signature algorithms but not hash > algorithm. Sections 7.4.2 and 7.4.3 describe the appropriate rules. s/algorithm/algorithms/ Section 7.4.2, "certificate_list": > certificate authority MAY optionally be omitted from the chain, s/MAY optionally/MAY/ ("MAY optionally" is redundant as "MAY" implies the behavior is optional) Section 7.4.2: > ECDHE_RSA allow the key to be used for signing It would be helpful to mention this cipher suite is defined in [TLSECC] here. Section 7.4.2: > extension. The naming is historical. I'm not sure which "naming" is referred to by this sentence. Perhaps clarification is needed? Section 7.4.3: > DHE_DSS > DHE_RSA > DH_anon This is also true for "ECDHE_RSA", "ECDHE_DSS", "ECDH_anon" I believe. While I know those cipher suites are defined in RFC 4492 rather than here, it's confusing to have them discussed in the previous section and suddenly missing in this section. Either say explicitly you're omitting them from this section or include them in this discussion. Section 7.4.8: > permitted hash algorith, subject to restrictions in the s/algorith/algorithm/ Section A.7: > to be used and digest algorithms other than SHA-1, provided such use s/and/with/ Section E.1: > remains compatible, and the client support the highest protocol s/support/supports/ ... > A TLS server can also receive a ClientHello containing version number s/containing version/containing a version/ Informative References: The XDR reference should mention it is STD 67: [XDR] Eisler, M., "External Data Representation Standard", STD 67, RFC 4506, May 2006. |
2008-03-06
|
10 | Chris Newman | [Ballot Position Update] New position, Yes, has been recorded by Chris Newman |
2008-03-05
|
10 | Sam Hartman | [Ballot Position Update] New position, No Objection, has been recorded by Sam Hartman |
2008-03-05
|
10 | Jari Arkko | [Ballot Position Update] New position, Yes, has been recorded by Jari Arkko |
2008-03-05
|
10 | Jari Arkko | [Ballot comment] > a SHOULD, with sending it a SHOULD not. Support will probably s/SHOULD not/SHOULD NOT/ Section 1.2 does not list the change that … [Ballot comment] > a SHOULD, with sending it a SHOULD not. Support will probably s/SHOULD not/SHOULD NOT/ Section 1.2 does not list the change that unnegotiated extensions now result in a fatal alert, not silently dropping the message. (Section 6) > This document > describes TLS Version 1.2, which uses the version { 3, 3 }. The > version value 3.3 is historical, deriving from the use of 3.1 for > TLS 1.0. (See Appendix A.1). This was somewhat confusing, because I do not know when you are talking of values for the "version" field and when you are talking about the version numbers associated with a particular TLS RFC. I think you want to say: This document describes TLS Version 1.2, which uses the version { 3, 3 }. The version value { 3, 3 } is historical, deriving from the use of { 3, 1 } for TLS 1.0. (See Appendix A.1). By the way, differences from RFC 4346 are easily seen in http://tools.ietf.org/rfcdiff?url1=http://www.ietf.org/rfc/rfc4346.txt&url2=http://tools.ietf.org/id/draft-ietf-tls-rfc4346-bis-09.txt |
2008-03-05
|
10 | Jari Arkko | [Ballot comment] > a SHOULD, with sending it a SHOULD not. Support will probably s/SHOULD not/SHOULD NOT/ Section 1.2 does not list the change that … [Ballot comment] > a SHOULD, with sending it a SHOULD not. Support will probably s/SHOULD not/SHOULD NOT/ Section 1.2 does not list the change that unnegotiated extensions now result in a fatal alert, not silently dropping the message. (Section 6) > This document > describes TLS Version 1.2, which uses the version { 3, 3 }. The > version value 3.3 is historical, deriving from the use of 3.1 for > TLS 1.0. (See Appendix A.1). This was somewhat confusing. I think you want to say: This document describes TLS Version 1.2, which uses the version { 3, 3 }. The version value { 3, 3 } is historical, deriving from the use of { 3, 3 } for TLS 1.0. (See Appendix A.1). By the way, differences from RFC 4346 are easily seen in http://tools.ietf.org/rfcdiff?url1=http://www.ietf.org/rfc/rfc4346.txt&url2=http://tools.ietf.org/id/draft-ietf-tls-rfc4346-bis-09.txt |
2008-03-05
|
10 | Jari Arkko | [Ballot comment] > a SHOULD, with sending it a SHOULD not. Support will probably s/SHOULD not/SHOULD NOT/ Section 1.2 does not list the change that … [Ballot comment] > a SHOULD, with sending it a SHOULD not. Support will probably s/SHOULD not/SHOULD NOT/ Section 1.2 does not list the change that unnegotiated extensions now result in an alert, not silently dropping the message. (Section 6) > This document > describes TLS Version 1.2, which uses the version { 3, 3 }. The > version value 3.3 is historical, deriving from the use of 3.1 for > TLS 1.0. (See Appendix A.1). This was somewhat confusing. I think you want to say: This document describes TLS Version 1.2, which uses the version { 3, 3 }. The version value { 3, 3 } is historical, deriving from the use of { 3, 3 } for TLS 1.0. (See Appendix A.1). By the way, differences from RFC 4346 are easily seen in http://tools.ietf.org/rfcdiff?url1=http://www.ietf.org/rfc/rfc4346.txt&url2=http://tools.ietf.org/id/draft-ietf-tls-rfc4346-bis-09.txt |
2008-03-05
|
10 | Jari Arkko | [Ballot comment] > a SHOULD, with sending it a SHOULD not. Support will probably s/SHOULD not/SHOULD NOT/ Section 1.2 does not list the change that … [Ballot comment] > a SHOULD, with sending it a SHOULD not. Support will probably s/SHOULD not/SHOULD NOT/ Section 1.2 does not list the change that unnegotiated extensions now result in an alert, not silently dropping the message. (Section 6) By the way, differences from RFC 4346 are easily seen in http://tools.ietf.org/rfcdiff?url1=http://www.ietf.org/rfc/rfc4346.txt&url2=http://tools.ietf.org/id/draft-ietf-tls-rfc4346-bis-09.txt |
2008-03-05
|
10 | Jari Arkko | [Ballot comment] > a SHOULD, with sending it a SHOULD not. Support will probably s/SHOULD not/SHOULD NOT/ By the way, differences from RFC 4346 are … [Ballot comment] > a SHOULD, with sending it a SHOULD not. Support will probably s/SHOULD not/SHOULD NOT/ By the way, differences from RFC 4346 are easily seen in http://tools.ietf.org/rfcdiff?url1=http://www.ietf.org/rfc/rfc4346.txt&url2=http://tools.ietf.org/id/draft-ietf-tls-rfc4346-bis-09.txt |
2008-03-05
|
10 | Jari Arkko | [Ballot comment] > a SHOULD, with sending it a SHOULD not. Support will probably s/SHOULD not/SHOULD NOT/ |
2008-03-03
|
10 | Russ Housley | [Ballot Position Update] New position, No Objection, has been recorded by Russ Housley |
2008-03-03
|
10 | Magnus Westerlund | [Ballot Position Update] New position, No Objection, has been recorded by Magnus Westerlund |
2008-02-28
|
10 | Tim Polk | [Ballot Position Update] New position, Yes, has been recorded for Tim Polk |
2008-02-28
|
10 | Tim Polk | Ballot has been issued by Tim Polk |
2008-02-28
|
10 | Tim Polk | Created "Approve" ballot |
2008-02-28
|
10 | Tim Polk | State Changes to IESG Evaluation from Waiting for AD Go-Ahead by Tim Polk |
2008-02-28
|
10 | Tim Polk | Placed on agenda for telechat - 2008-03-06 by Tim Polk |
2008-02-27
|
10 | (System) | State has been changed to Waiting for AD Go-Ahead from In Last Call by system |
2008-02-22
|
10 | Tim Polk | Last call sent |
2008-02-22
|
10 | Tim Polk | State Changes to In Last Call from Publication Requested by Tim Polk |
2008-02-22
|
10 | Cindy Morgan | State Changes to Publication Requested from In Last Call by Cindy Morgan |
2008-02-22
|
10 | Cindy Morgan | Request to publish TLS 1.2 (draft-ietf-tls-rfc4346-bis-09) -------------- (1.a) Who is the Document Shepherd for this document? Has the Document Shepherd personally reviewed this … Request to publish TLS 1.2 (draft-ietf-tls-rfc4346-bis-09) -------------- (1.a) Who is the Document Shepherd for this document? Has the Document Shepherd personally reviewed this version of the document and, in particular, does he or she believe this version is ready for forwarding to the IESG for publication? Pasi Eronen. Yes. (1.b) Has the document had adequate review both from key WG members and from key non-WG members? Does the Document Shepherd have any concerns about the depth or breadth of the reviews that have been performed? The document went through WG last call, and although the number people who commented the technical details was rather small, I don't have concerns about the depth or breadth. (1.c) Does the Document Shepherd have concerns that the document needs more review from a particular or broader perspective, e.g., security, operational complexity, someone familiar with AAA, internationalization, or XML? No concerns. (1.d) Does the Document Shepherd have any specific concerns or issues with this document that the Responsible Area Director and/or the IESG should be aware of? For example, perhaps he or she is uncomfortable with certain parts of the document, or has concerns whether there really is a need for it. In any event, if the WG has discussed those issues and has indicated that it still wishes to advance the document, detail those concerns here. No concerns. Has an IPR disclosure related to this document been filed? If so, please include a reference to the disclosure and summarize the WG discussion and conclusion on this issue. No IPR disclosures have been filed. (1.e) How solid is the WG consensus behind this document? Does it represent the strong concurrence of a few individuals, with others being silent, or does the WG as a whole understand and agree with it? The WG as a whole is behind the document. (1.f) Has anyone threatened an appeal or otherwise indicated extreme discontent? If so, please summarize the areas of conflict in separate email messages to the Responsible Area Director. (It should be in a separate email because this questionnaire is entered into the ID Tracker.) Nobody has threatened an appeal or otherwise indicated extreme discontent. (1.g) Has the Document Shepherd personally verified that the document satisfies all ID nits? (See http://www.ietf.org/ID-Checklist.html and http://tools.ietf.org/tools/idnits/.) Boilerplate checks are not enough; this check needs to be thorough. Yes, I have personally verified both the checklist and the idnits tool output. Has the document met all formal review criteria it needs to, such as the MIB Doctor, media type, and URI type reviews? No such formal review criteria are applicable. If the document does not already indicate its intended status at the top of the first page, please indicate the intended status here. The intended status, Proposed Standard, is stated on the first page. (1.h) Has the document split its references into normative and informative? Are there normative references to documents that are not ready for advancement or are otherwise in an unclear state? If such normative references exist, what is the strategy for their completion? Are there normative references that are downward references, as described in [RFC3967]? If so, list these downward references to support the Area Director in the Last Call procedure for them [RFC3967]. References are split into normative and informative; all normative references look acceptable. There is one reference whose normativeness might be subject to different opinions or discussion: RFC 4492 (ECC cipher suites for TLS). When RFC 4492 was written, TLS 1.0 and 1.1 did not provide algorithm agility for digital signatures. There are couple of sentences in RFC 4492 that simply follow what TLS 1.0/1.1 did in this respect. TLS 1.2 (this specification) adds such algorithm agility functionality, and this functionality applies to all TLS cipher suites which use signatures (either in TLS messages or certificates). The document includes a couple of sentences that explain how exactly this functionality works in the context of RFC 4492; in other words, things that someone implementing both this specification and RFC 4492 should pay attention to. These topics are summarized in Appendix A.7. Given this, the document has "Updates: RFC 4492" on the cover page to draw implementors' attention. However, RFC 4492 is listed as an informative reference, as this specification can be implemented without understanding RFC 4492. (1.i) Has the Document Shepherd verified that the document's IANA Considerations section exists and is consistent with the body of the document? If the document specifies protocol extensions, are reservations requested in appropriate IANA registries? Are the IANA registries clearly identified? If the document creates a new registry, does it define the proposed initial contents of the registry and an allocation procedure for future registrations? Does it suggest a reasonable name for the new registry? See [RFC2434]. If the document describes an Expert Review process, has the Document Shepherd conferred with the Responsible Area Director so that the IESG can appoint the needed Expert during IESG Evaluation? Everything looks OK here. (1.j) Has the Document Shepherd verified that sections of the document that are written in a formal language, such as XML code, BNF rules, MIB definitions, etc., validate correctly in an automated checker? The only (semi-)formal language used is the TLS presentation language (defined in this document), for which no automated tools are available. I have checked them manually. (1.k) The IESG approval announcement includes a Document Announcement Write-Up. Please provide such a Document Announcement Write-Up. Recent examples can be found in the "Action" announcements for approved documents. The approval announcement contains the following sections: Technical Summary This document specifies version 1.2 of the Transport Layer Security (TLS) protocol. The most important improvements over earlier versions are algorithm agility for digital signatures and PRFs, and support for authenticated encryption modes. The document also merges in AES cipher suites from RFC 3268 and the TLS extension mechanism from RFC 4366. Several requirements have been also tightened, and text has been clarified based on feedback from implementations of earlier versions of TLS. Working Group Summary This document is a product of the Transport Layer Security (TLS) Working Group. Document Quality There is at least one prototype implementation of an earlier version of TLS 1.2 Internet-Draft. Several other vendors have participated in the work, and have indicated that they plan to implement the specification. Personnel The Document Shepherd for this document is Pasi Eronen, and the Responsible Area Director is Tim Polk. |
2008-02-19
|
10 | Amanda Baber | IANA Last Call comments: Action #1: Upon approval of this document, the IANA will make the following changes in "Transport Layer Security (TLS) Parameters]" registry … IANA Last Call comments: Action #1: Upon approval of this document, the IANA will make the following changes in "Transport Layer Security (TLS) Parameters]" registry located at http://www.iana.org/assignments/tls-parameters sub-registry "TLS ClientCertificateType Identifiers Registry - per [RFC4346]" OLD: TLS ClientCertificateType Identifiers Registry - per [RFC4346] NEW: Registry Name: TLS ClientCertificateType Identifiers Registry Reference: [RFC-tls-rfc4346-bis-09] Values in the range 0-63 (decimal) inclusive are assigned via Standards Action [RFC2434]. Values in the range 64-223 (decimal) inclusive are assigned via Specification Required [RFC2434]. Values from 224-255 (decimal) inclusive are reserved for Private Use [RFC2434]. QUESTION: are the references for value 0-6,20 supposed to change to this document or stay with RFC4346 ? Action #2: Upon approval of this document, the IANA will make the following changes in "Transport Layer Security (TLS) " registry located at http://www.iana.org/assignments/tls-parameters sub-registry "TLS Cipher Suite Registry" OLD: TLS Cipher Suite Registry - per [RFC4346] NEW: Registry Name: TLS Cipher Suite Registry Reference: [RFC-tls-rfc4346-bis-09] Allocation policy: the first byte in the range 0-191 (decimal) inclusive are assigned via Standards Action [RFC2434]. Values with the first byte in the range 192-254 (decimal) are assigned via Specification Required [RFC2434]. Values with the first byte 255 (decimal) are reserved for Private Use [RFC2434]. Action #3: Upon approval of this document, the IANA will make the following registrations in "Transport Layer Security (TLS)" registry located at http://www.iana.org/assignments/tls-parameters sub-registry "TLS Cipher Suite Registry†TLS Cipher Suite Registry Value Description Reference ----------- -------------------------------------- --------- 0x00, TDB1 TLS_RSA_WITH_NULL_SHA256 [RFC-tls-rfc4346-bis-09] 0x00, TBD2 TLS_RSA_WITH_AES_128_CBC_SHA256 [RFC-tls-rfc4346-bis-09] 0x00, TBD3 TLS_RSA_WITH_AES_256_CBC_SHA256 [RFC-tls-rfc4346-bis-09] 0x00, TBD4 TLS_DH_DSS_WITH_AES_128_CBC_SHA256 [RFC-tls-rfc4346-bis-09] 0x00, TBD5 TLS_DH_RSA_WITH_AES_128_CBC_SHA256 [RFC-tls-rfc4346-bis-09] 0x00, TBD6 TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 [RFC-tls-rfc4346-bis-09] 0x00, TBD7 TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 [RFC-tls-rfc4346-bis-09] 0x00, TBD8 TLS_DH_DSS_WITH_AES_256_CBC_SHA256 [RFC-tls-rfc4346-bis-09] 0x00, TBD9 TLS_DH_RSA_WITH_AES_256_CBC_SHA256 [RFC-tls-rfc4346-bis-09] 0x00, TBDA TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 [RFC-tls-rfc4346-bis-09] 0x00, TBDB TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 [RFC-tls-rfc4346-bis-09] 0x00, TBDC TLS_DH_anon_WITH_AES_128_CBC_SHA256 [RFC-tls-rfc4346-bis-09] 0x00, TBDD TLS_DH_anon_WITH_AES_256_CBC_SHA256 [RFC-tls-rfc4346-bis-09] Action #4 Upon approval of this document, the IANA will make the following changes in "Transport Layer Security (TLS) " registry located at http://www.iana.org/assignments/tls-parameters sub-registry "TLS ContentType Registry" OLD: TLS ContentType Registry - per [RFC4346] NEW: Registry Name: TLS ContentType Registry Reference: [RFC-tls-rfc4346-bis-09] Allocation policy: Standards Action Action #5 Upon approval of this document, the IANA will make the following changes in "Transport Layer Security (TLS) Parameters" registry located at http://www.iana.org/assignments/tls-parameters sub-registry "TLS Alert Registry" OLD: TLS Alert Registry - per [RFC4346] NEW: Registry Name: TLS Alert Registry Reference: [RFC4346] Allocation policy: Standards Action Action #6 Upon approval of this document, the IANA will make the following changes in "Transport Layer Security (TLS) Parameters" registry located at http://www.iana.org/assignments/tls-parameters sub-registry "TLS HandshakeType Registry" OLD: TLS HandshakeType Registry - per [RFC4346] NEW: Registry Name: TLS HandshakeType Registry Reference: [RFC-tls-rfc4346-bis-09] Allocation policy: Standards Action Action #7: Upon approval of this document, the IANA will make the following changes in "Transport Layer Security (TLS) Extensions" registry located at http://www.iana.org/assignments/tls-extension-values sub-registry "ExtensionType Values" OLD: Registry Name: ExtensionType Values Reference: [RFC4366] NEW: Registry Name: ExtensionType Values Reference: [RFC-tls-rfc4346-bis-09] Action #8 Upon approval of this document, the IANA will in the following registry "Transport Layer Security (TLS) Parameters" located at http://www.iana.org/assignments/tls-parameters create a new sub-registry "TLS SignatureAlgorithm Registry" Initial contents of this sub-registry will be: Allocation policy: Values in the range 0-63 (decimal) inclusive are assigned via Standards Action [RFC2434]. Values in the range 64-223 (decimal) inclusive are assigned via Specification Required [RFC2434]. Values from 224-255 (decimal) inclusive are reserved for Private Use [RFC2434]. Value Name Reference -------+-------------+--------- 0 | anonymous | [RFC-tls-rfc4346-bis-09] 1 | rsa | [RFC-tls-rfc4346-bis-09] 2 | dsa | [RFC-tls-rfc4346-bis-09] 3 | ecdsa | [RFC-tls-rfc4346-bis-09] 4-255 | Unallocated | [RFC-tls-rfc4346-bis-09] Action #9 Upon approval of this document, the IANA will make the following registry "Transport Layer Security (TLS) Parameters - per [RFC4346]" located at http://www.iana.org/assignments/tls-parameters create a new sub-registry "TLS HashAlgorithm Registry [RFC-tls-rfc4346-bis-09]" Initial contents of this sub-registry will be: Allocation policy: Values in the range 0-63 (decimal) inclusive are assigned via Standards Action [RFC2434]. Values in the range 64-223 (decimal) inclusive are assigned via Specification Required [RFC2434]. Values from 224-255 (decimal) inclusive are reserved for Private Use [RFC2434]. Value Name Reference -------+-------------+--------- 0 | none | [RFC-tls-rfc4346-bis-09] 1 | md5 | [RFC-tls-rfc4346-bis-09] 2 | sha1 | [RFC-tls-rfc4346-bis-09] 3 | sha256 | [RFC-tls-rfc4346-bis-09] 4 | sha384 | [RFC-tls-rfc4346-bis-09] 5 | sha512 | [RFC-tls-rfc4346-bis-09] 6-255 | Unallocated | [RFC-tls-rfc4346-bis-09] Action #10 Upon approval of this document, the IANA will make the following assignments in the "Transport Layer Security (TLS) Extensions" registry located at http://www.iana.org/assignments/tls-extensiontype-values sub-registry "ExtensionType Values" Value Extension name Reference ------ ---------------------------- --------- TDB signature_algorithms [RFC-tls-rfc4346-bis-09] Action #11 Upon approval of this document, the IANA will make the following assignments in the "Transport Layer Security (TLS) Compression Method Identifiers per [RFC3749]" registry located at http://www.iana.org/assignments/comp-meth-ids Description Value Reference ------------------------------ ----- --------- null 0 [RFC-tls-rfc4346-bis-09] |
2008-02-16
|
10 | Samuel Weiler | Request for Last Call review by SECDIR is assigned to Charles Clancy |
2008-02-16
|
10 | Samuel Weiler | Request for Last Call review by SECDIR is assigned to Charles Clancy |
2008-02-13
|
10 | Amy Vezza | State Changes to In Last Call from Last Call Requested by Amy Vezza |
2008-02-12
|
10 | Tim Polk | Last Call was requested by Tim Polk |
2008-02-12
|
10 | Tim Polk | State Changes to Last Call Requested from AD Evaluation::AD Followup by Tim Polk |
2008-02-12
|
10 | (System) | Ballot writeup text was added |
2008-02-12
|
10 | (System) | Last call text was added |
2008-02-12
|
10 | (System) | Ballot approval text was added |
2008-02-08
|
10 | (System) | Sub state has been changed to AD Follow up from New Id Needed |
2008-02-08
|
09 | (System) | New version available: draft-ietf-tls-rfc4346-bis-09.txt |
2008-02-07
|
10 | Tim Polk | State Changes to AD Evaluation::Revised ID Needed from Publication Requested by Tim Polk |
2008-02-07
|
10 | Tim Polk | waiting for -09 to appear in the repository... Pasi Eronen is the document shepherd. |
2008-02-07
|
10 | Tim Polk | Draft Added by Tim Polk in state Publication Requested |
2008-01-25
|
08 | (System) | New version available: draft-ietf-tls-rfc4346-bis-08.txt |
2007-11-26
|
07 | (System) | New version available: draft-ietf-tls-rfc4346-bis-07.txt |
2007-10-31
|
06 | (System) | New version available: draft-ietf-tls-rfc4346-bis-06.txt |
2007-09-18
|
05 | (System) | New version available: draft-ietf-tls-rfc4346-bis-05.txt |
2007-07-09
|
04 | (System) | New version available: draft-ietf-tls-rfc4346-bis-04.txt |
2007-03-07
|
03 | (System) | New version available: draft-ietf-tls-rfc4346-bis-03.txt |
2006-10-23
|
02 | (System) | New version available: draft-ietf-tls-rfc4346-bis-02.txt |
2006-06-27
|
01 | (System) | New version available: draft-ietf-tls-rfc4346-bis-01.txt |
2006-03-02
|
00 | (System) | New version available: draft-ietf-tls-rfc4346-bis-00.txt |