diff options
Diffstat (limited to 'doc/protocol/draft-ietf-tls-psk-null-03.txt')
-rw-r--r-- | doc/protocol/draft-ietf-tls-psk-null-03.txt | 261 |
1 files changed, 0 insertions, 261 deletions
diff --git a/doc/protocol/draft-ietf-tls-psk-null-03.txt b/doc/protocol/draft-ietf-tls-psk-null-03.txt deleted file mode 100644 index 20ac868f74..0000000000 --- a/doc/protocol/draft-ietf-tls-psk-null-03.txt +++ /dev/null @@ -1,261 +0,0 @@ -TLS Working Group U. Blumenthal -Internet Draft P. Goel -Expires: April 2007 Intel Corporation - October 20, 2006 - - - - Pre-Shared Key Cipher Suites with NULL Encryption for - Transport Layer Security (TLS) - - - draft-ietf-tls-psk-null-03.txt - - -Status of this Memo - - By submitting this Internet-Draft, each author represents that - any applicable patent or other IPR claims of which he or she is - aware have been or will be disclosed, and any of which he or she - becomes aware will be disclosed, in accordance with Section 6 of - BCP 79. - - Internet-Drafts are working documents of the Internet Engineering - Task Force (IETF), its areas, and its working groups. Note that - other groups may also distribute working documents as Internet- - Drafts. - - Internet-Drafts are draft documents valid for a maximum of six months - and may be updated, replaced, or obsoleted by other documents at any - time. It is inappropriate to use Internet-Drafts as reference - material or to cite them other than as "work in progress." - - The list of current Internet-Drafts can be accessed at - http://www.ietf.org/ietf/1id-abstracts.txt - - The list of Internet-Draft Shadow Directories can be accessed at - http://www.ietf.org/shadow.html - - This Internet-Draft will expire on April 20, 2007. - -Abstract - - This document specifies authentication-only cipher suites (with no - encryption) for the Pre-Shared Key based Transport Layer Security - (TLS) protocol. These cipher suites are useful when authentication - and integrity protection is desired, but confidentiality is not - needed or not permitted. - - - - -Blumenthal & Goel Expires April 20, 2007 [Page 1] - -Internet-Draft PSK NULL-encryption Cipher Suites for TLS October -2006 - - -Conventions used in this document - - The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", - "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this - document are to be interpreted as described in [RFC2119]. - -Table of Contents - - - 1. Introduction...................................................2 - 2. Cipher Usage...................................................2 - 3. Security Considerations........................................3 - 4. IANA Considerations............................................3 - 5. Acknowledgments................................................3 - 6. References.....................................................4 - 6.1. Normative References......................................4 - Author's Addresses................................................4 - Intellectual Property Statement...................................5 - Disclaimer of Validity............................................5 - Copyright Statement...............................................5 - Acknowledgment....................................................4 - -1. Introduction - - The RFC for Pre-Shared Key based TLS [TLS-PSK] specifies cipher - suites for supporting TLS using pre-shared symmetric keys. However - all the cipher suites defined in [TLS-PSK] require encryption. - However there are cases when only authentication and integrity - protection is required, and confidentiality is not needed. There are - also cases when confidentiality is not permitted - e.g. for - implementations that must meet import restrictions in some countries. - Even though no encryption is used, these cipher suites support - authentication of the client and server to each other, and message - integrity. This document augments [TLS-PSK] by adding three more - cipher suites (PSK, DHE_PSK, RSA_PSK) with authentication and - integrity only - no encryption. The reader is expected to become - familiar with [TLS-PSK] standard prior to studying this document. - - - -2. Cipher Usage - - The three new cipher suites proposed here match the three cipher - suites defined in [TLS-PSK], except that we define suites with null - encryption. - - -Blumenthal & Goel Expires April 20, 2007 [Page 2] - -Internet-Draft PSK NULL-encryption Cipher Suites for TLS October -2006 - - - The cipher suites defined here use the following options for key - exchange and hash part of the protocol: - - - - CipherSuite Key Exchange Cipher Hash - - TLS_PSK_WITH_NULL_SHA PSK NULL SHA - TLS_DHE_PSK_WITH_NULL_SHA DHE_PSK NULL SHA - TLS_RSA_PSK_WITH_NULL_SHA RSA_PSK NULL SHA - - For the meaning of the terms PSK please refer to section 1 in [TLS- - PSK]. For the meaning of the terms DHE, RSA and SHA please refer to - sections A.5 and Appendix B in [TLS]. - -3. Security Considerations - - As with all schemes involving shared keys, special care should be - taken to protect the shared values and to limit their exposure over - time. As this document augments [TLS-PSK], everything stated in its - Security Consideration section applies here. In addition, as cipher - suites defined here do not support confidentiality - care should be - taken not to send sensitive information (such as passwords) over - connection protected with one of the cipher suites defined in this - document. - -4. IANA Considerations - - This document defines three new cipher suites, whose values are to be - assigned from the TLS Cipher Suite registry defined in [TLS]. - - CipherSuite TLS_PSK_WITH_NULL_SHA = { 0x00, 0xTBD1 }; - CipherSuite TLS_DHE_PSK_WITH_NULL_SHA = { 0x00, 0xTBD2 }; - CipherSuite TLS_RSA_PSK_WITH_NULL_SHA = { 0x00, 0xTBD3 }; - -5. Acknowledgments - - The cipher suites defined in this document are an augmentation to and - based on [TLS-PSK]. - - - - -Blumenthal & Goel Expires April 20, 2007 [Page 3] - -Internet-Draft PSK NULL-encryption Cipher Suites for TLS October -2006 - - -6. References - -6.1. Normative References - - [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate - Requirement Levels", BCP 14, RFC 2119, March 1997. - - [TLS] Dierks, T. and Rescorla, E., "The TLS Protocol Version - 1.1", RFC 4346, April 2006. - - [TLS-PSK] Eronen, P., Tschofenig, H., "Pre-Shared Key CipherSuites - for Transport Layer Security (TLS)", RFC 4279, December - 2005. - - - -Author's Addresses - - Uri Blumenthal - Intel Corporation - 1515 State Route 10, - PY2-1 10-4 - Parsippany, NJ 07054 - USA - - Email: Uri.Blumenthal@intel.com - - - Purushottam Goel - Intel Corporation - 2111 N.E. 25 Ave. - JF3-414 - Hillsboro, OR 97124 - USA - - Email: Purushottam.Goel@intel.com - - - - -Acknowledgment - - Funding for the RFC Editor function is currently provided by the - Internet Society. - - - -Blumenthal & Goel Expires April 20, 2007 [Page 4] - -Internet-Draft PSK NULL-encryption Cipher Suites for TLS October -2006 - - - - -Intellectual Property Statement - - The IETF takes no position regarding the validity or scope of any - Intellectual Property Rights or other rights that might be claimed to - pertain to the implementation or use of the technology described in - this document or the extent to which any license under such rights - might or might not be available; nor does it represent that it has - made any independent effort to identify any such rights. Information - on the procedures with respect to rights in RFC documents can be - found in BCP 78 and BCP 79. - - Copies of IPR disclosures made to the IETF Secretariat and any - assurances of licenses to be made available, or the result of an - attempt made to obtain a general license or permission for the use of - such proprietary rights by implementers or users of this - specification can be obtained from the IETF on-line IPR repository at - http://www.ietf.org/ipr. - - The IETF invites any interested party to bring to its attention any - copyrights, patents or patent applications, or other proprietary - rights that may cover technology that may be required to implement - this standard. Please address the information to the IETF at - ietf-ipr@ietf.org. - -Disclaimer of Validity - - This document and the information contained herein are provided on an - "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS - OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET - ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, - INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE - INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED - WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. - -Copyright Statement - - Copyright (C) The Internet Society (2006). - - This document is subject to the rights, licenses and restrictions - contained in BCP 78, and except as set forth therein, the authors - retain all their rights. - - - - -Blumenthal & Goel Expires April 20, 2007 [Page 5] - |