The IESG has received a request from the Transport Layer Security WG (tls) to consider the following document: - 'Guidance for External PSK Usage in TLS' <draft-ietf-tls-external-psk-guidance-03.txt> as Informational RFC
The IESG plans to make a decision in the next few weeks, and solicits final comments on this action. Please send substantive comments to the [email protected] mailing lists by 2021-11-19. Exceptionally, comments may be sent to [email protected] instead. In either case, please retain the beginning of the Subject line to allow automated sorting. Abstract This document provides usage guidance for external Pre-Shared Keys (PSKs) in Transport Layer Security (TLS) 1.3 as defined in RFC 8446. This document lists TLS security properties provided by PSKs under certain assumptions, and then demonstrates how violations of these assumptions lead to attacks. This document discusses PSK use cases and provisioning processes. This document provides advice for applications to help meet these assumptions. This document also lists the privacy and security properties that are not provided by TLS 1.3 when external PSKs are used. The file can be obtained via https://datatracker.ietf.org/doc/draft-ietf-tls-external-psk-guidance/ No IPR declarations have been submitted directly on this I-D. _______________________________________________ IETF-Announce mailing list [email protected] https://www.ietf.org/mailman/listinfo/ietf-announce
