We have implemented a part of a new Intenet Draft called "Pre-Shared Key Ciphersuites for Transport Layer Security (TLS)" [1], and we would like to contribute it to the OpenSSL project.
According to the Abstract section of the draft: "This document specifies three sets of new ciphersuites for the Transport Layer Security (TLS) protocol to support authentication based on pre-shared keys. These pre-shared keys are symmetric keys, shared in advance among the communicating parties. The first set of ciphersuites uses only symmetric key operations for authentication. The second set uses a Diffie-Hellman exchange authenticated with a pre-shared key; and the third set combines public key authentication of the server with pre-shared key authentication of the client." The draft has been publicially developed at the IETF Transport Layer Security (tls) Working Group [2]. The draft is currently in the RFC Editor queue [3]. Status of the patch ------------------- The patch is made against the latest stable version 0.9.8 of OpenSSL taken from [4]. The attached file is compressed into the ZIP format. The uncompressed package has three files containing separate patch files for documentation, test cases and required modifications to the existing SSL libraries to support PSK cipher suites. The patch contains currently support only for the plain PSK cipher suites described in the chapter 2 of [1]. The rest of the remaining cipher suites (DHE_PSK and RSA_PSK, chapters 3 and 4 correspondingly) are under development and expected to be sent to the OpenSSL project when they are finished. Contact persons related to the patch are: Mika Kousa ([EMAIL PROTECTED] / [EMAIL PROTECTED]) Pasi Eronen ([EMAIL PROTECTED]) (one of the authors of the draft) [1] http://www.ietf.org/internet-drafts/draft-ietf-tls-psk-09.txt [2] http://www.ietf.org/html.charters/tls-charter.html [3] https://datatracker.ietf.org/public/pidtracker.cgi?command=view_id&dTag= 11875&rfc_flag=0 [4] http://www.openssl.org/source/openssl-0.9.8.tar.gz ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]