Last Call: <draft-ietf-tls-session-hash-04.txt> (Transport Layer Security (TLS) Session Hash and Extended Master Secret Extension) to Proposed Standard
The IESG <iesg-secretary@ietf.org> Mon, 30 March 2015 14:58 UTC
The IESG has received a request from the Transport Layer Security WG (tls) to consider the following document:
- 'Transport Layer Security (TLS) Session Hash and Extended Master Secret Extension'
  <draft-ietf-tls-session-hash-04.txt> as Proposed Standard

The IESG plans to make a decision in the next few weeks, and solicits final comments on this action. Please send substantive comments to the ietf@ietf.org mailing lists by 2015-04-13. Exceptionally, comments may be sent to iesg@ietf.org instead. In either case, please retain the beginning of the Subject line to allow automated sorting.

Abstract

The Transport Layer Security (TLS) master secret is not cryptographically bound to important session parameters such as the server certificate. Consequently, it is possible for an active attacker to set up two sessions, one with a client and another with a server, such that the master secrets on the two sessions are the same. Thereafter, any mechanism that relies on the master secret for authentication, including session resumption, becomes vulnerable to a man-in-the-middle attack, where the attacker can simply forward messages back and forth between the client and server. This specification defines a TLS extension that contextually binds the master secret to a log of the full handshake that computes it, thus preventing such attacks.

The file can be obtained via
http://datatracker.ietf.org/doc/draft-ietf-tls-session-hash/

IESG discussion can be tracked via
http://datatracker.ietf.org/doc/draft-ietf-tls-session-hash/ballot/

No IPR declarations have been submitted directly on this I-D.

ID-NITs says this uses "NOT RECOMMENDED" but that that's not called out as a term. We'll fix that.
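The binding described in the abstract, as an added Python example that is not part of the IESG message or of the draft's text: it derives a master secret with the TLS 1.2 PRF (RFC 5246) both ways, using the derivation labels from RFC 5246 and from RFC 7627, the published form of this draft. The function names, the premaster secret, the nonces and the handshake byte strings are constructed for illustration and are not real TLS encodings.

```python
import hashlib
import hmac


def p_sha256(secret: bytes, seed: bytes, length: int) -> bytes:
    """P_hash of the TLS 1.2 PRF (RFC 5246, section 5) with HMAC-SHA256."""
    out, a = b"", seed
    while len(out) < length:
        a = hmac.new(secret, a, hashlib.sha256).digest()  # A(i)
        out += hmac.new(secret, a + seed, hashlib.sha256).digest()
    return out[:length]


def legacy_master_secret(pms: bytes, client_random: bytes, server_random: bytes) -> bytes:
    # RFC 5246: only the premaster secret and the two nonces are mixed in.
    return p_sha256(pms, b"master secret" + client_random + server_random, 48)


def extended_master_secret(pms: bytes, handshake_messages: list) -> bytes:
    # RFC 7627: the seed is session_hash, a hash over the handshake log
    # (ClientHello up to and including ClientKeyExchange).
    session_hash = hashlib.sha256(b"".join(handshake_messages)).digest()
    return p_sha256(pms, b"extended master secret" + session_hash, 48)


def compare_sessions() -> dict:
    """Two sessions sharing pms and nonces but showing different certificates."""
    pms = bytes(range(48))                  # constructed premaster secret
    cr, sr = b"\x01" * 32, b"\x02" * 32     # constructed client/server randoms
    # Constructed stand-ins for handshake messages, not real TLS encodings.
    head = [b"ClientHello|" + cr, b"ServerHello|" + sr]
    log_a = head + [b"Certificate|attacker.example", b"ClientKeyExchange"]
    log_b = head + [b"Certificate|server.example", b"ClientKeyExchange"]
    return {
        "legacy_a": legacy_master_secret(pms, cr, sr),
        "legacy_b": legacy_master_secret(pms, cr, sr),
        "extended_a": extended_master_secret(pms, log_a),
        "extended_b": extended_master_secret(pms, log_b),
    }


if __name__ == "__main__":
    r = compare_sessions()
    print("legacy equal:  ", hmac.compare_digest(r["legacy_a"], r["legacy_b"]))
    print("extended equal:", hmac.compare_digest(r["extended_a"], r["extended_b"]))
```

The legacy derivation never sees the certificate, so both sessions end up with the same 48-byte secret; once the handshake log is the seed, any difference in the log yields a different secret.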