Transport Layer Security (tls)
------------------------------

 Charter
 Last Modified: 2008-05-07

 Current Status: Active Working Group

 Chair(s):
     Eric Rescorla
     Joseph Salowey

 Security Area Director(s):
     Tim Polk
     Pasi Eronen

 Security Area Advisor:
     Pasi Eronen

 Technical Advisor(s):
     Allison Mankin

 Mailing Lists:
     General Discussion: tls@ietf.org
     To Subscribe:       https://www1.ietf.org/mailman/listinfo/tls
     Archive:            http://www.ietf.org/mail-archive/web/tls/current/index.html

Description of Working Group:

 The TLS Working Group was established in 1996 to standardize a
 'transport layer' security protocol. The working group began with SSL
 version 3.0. The TLS Working Group has completed a series of
 specifications that describe the Transport Layer Security protocol
 versions 1.0 and 1.1, extensions to the protocol, and new ciphersuites
 to be used with TLS.

 The primary goal of the WG is to publish a revision of TLS, version
 1.2, that removes the protocol's dependency on the MD5 and SHA-1 digest
 algorithms, which have been either wholly or partially compromised by
 recent research.

 The TLS WG will also work on new authenticated encryption modes for
 TLS, including modes based on counter mode encryption (CTR) and
 combined encryption/authentication modes, and may define major new
 cipher suites for TLS for this purpose.

 In the preparation of TLS 1.2, the WG will attempt to avoid gratuitous
 changes to TLS 1.1.

Goals and Milestones:

 Done      Agreement on charter and issues in current draft.
 Done      Final draft for Secure Transport Layer Protocol ('STLP')
 Done      Working group 'Last Call'
 Done      Submit to IESG for consideration as a Proposed Standard.
 Done      First revised draft of TLS specification
 Done      TLS 1.1 Specification
 Done      First draft of TLS 1.2 specification, including CTR mode
           cipher suites
 Done      First draft of specification for cipher suites with combined
           encryption/authentication modes
 Dec 2006  Submit specification of TLS 1.2 specification to IESG for
           publication as Proposed Standard
 Dec 2006  Submit specification of cipher suites with combined
           encryption/authentication modes to IESG for publication,
           with at least one of these suites to be Proposed Standard

Internet-Drafts:

 Posted    Revised   I-D Title
 --------  --------  --------------------------------------------
 Mar 2006  Mar 2008  The Transport Layer Security (TLS) Protocol
                     Version 1.2
 Apr 2007  May 2008  TLS Elliptic Curve Cipher Suites with SHA-256/384
                     and AES Galois Counter Mode
 Jun 2007  Apr 2008  AES-GCM Cipher Suites for TLS
 Jul 2007  Feb 2008  Transport Layer Security (TLS) Extensions:
                     Extension Definitions
 Dec 2007  Feb 2008  Keying Material Extractors for Transport Layer
                     Security (TLS)
 Feb 2008  Apr 2008  ECDHE_PSK Ciphersuites for Transport Layer
                     Security (TLS)
 Feb 2008  Mar 2008  DES and IDEA Cipher Suites for Transport Layer
                     Security (TLS)
 May 2008  May 2008  Pre-Shared Key Cipher Suites for Transport Layer
                     Security (TLS) with SHA-256/384 and AES Galois
                     Counter Mode
 Jun 2008  Jun 2008  Datagram Transport Layer Security version 1.2

Request For Comments:

 RFC      Stat      Published  Title
 -------  --------  ---------  ------------------------------------
 RFC2246  PS        Jan 1999   The TLS Protocol Version 1.0
 RFC2712  PS        Oct 1999   Addition of Kerberos Cipher Suites to
                               Transport Layer Security (TLS)
 RFC2817  PS        May 2000   Upgrading to TLS Within HTTP/1.1
 RFC2818  I         Jun 2000   HTTP Over TLS
 RFC3268  PS        Jul 2002   AES Ciphersuites for TLS
 RFC3546  PS        Jun 2003   Transport Layer Security (TLS) Extensions
 RFC3749  Standard  May 2004   Transport Layer Security Protocol
                               Compression Methods
 RFC4132  Standard  Jul 2005   Addition of Camellia Cipher Suites to
                               Transport Layer Security (TLS)
 RFC4279  Standard  Dec 2005   Pre-Shared Key Ciphersuites for
                               Transport Layer Security (TLS)
 RFC4346  PS        Apr 2006   The Transport Layer Security (TLS)
                               Protocol Version 1.1
 RFC4366  PS        Apr 2006   Transport Layer Security (TLS) Extensions
 RFC4492  I         May 2006   Elliptic Curve Cryptography (ECC) Cipher
                               Suites for Transport Layer Security (TLS)
 RFC4785  PS        Jan 2007   Pre-Shared Key (PSK) Cipher Suites with
                               NULL Encryption for Transport Layer
                               Security (TLS)
 RFC5081  E         Nov 2007   Using OpenPGP keys for TLS authentication
 RFC5054  I         Nov 2007   Using the Secure Remote Password (SRP)
                               Protocol for TLS Authentication