Hi, We have uploaded version 03 of draft-mattsson-tls-ecdhe-psk-aead. Russ pointed out that the document was totally pointed to TLS 1.2 and that it made sense to cover both TLS 1.2 and TLS 1.3. We agreed.
The updated version refers to TLS 1.3 [I-D.ietf-tls-tls13] as well as DTLS 1.2 [RFC6347]. It points out the relevant changes between TLS 1.2 and TLS 1.3, i.e. the key derivation and the nonce construction. Am I missing something else? “When used in TLS 1.2, the keying material is derived as described in [RFC5489] and [RFC5246] and nonces are constructed as described in [RFC5288], and [RFC6655]. When used in TLS 1.3, the keying material is derived as described in [I-D.ietf-tls-tls13], and the nonces are constructed as described in [I-D.ietf-tls-tls13].” 3GPP now formally has a dependency on draft-mattsson-tls-ecdhe-psk-aead, or at least the cipher suites TLS_ECDHE_PSK_WITH_AES_128_GCM_SHA256 and TLS_ECDHE_PSK_WITH_AES_256_GCM_SHA384. Cheers, John ------------------------------------------------------------------ JOHN MATTSSON MSc Engineering Physics, MSc Business Administration and Economics Ericsson IETF Security Coordinator Senior Researcher, Security On 08/12/15 09:42, "internet-dra...@ietf.org" <internet-dra...@ietf.org> wrote: > >A new version of I-D, draft-mattsson-tls-ecdhe-psk-aead-03.txt >has been successfully submitted by John Mattsson and posted to the >IETF repository. > >Name: draft-mattsson-tls-ecdhe-psk-aead >Revision: 03 >Title: ECDHE_PSK with AES-GCM and AES-CCM Cipher Suites for Transport >Layer Security (TLS) >Document date: 2015-12-08 >Group: Individual Submission >Pages: 6 >URL: >https://www.ietf.org/internet-drafts/draft-mattsson-tls-ecdhe-psk-aead-03. >txt >Status: >https://datatracker.ietf.org/doc/draft-mattsson-tls-ecdhe-psk-aead/ >Htmlized: >https://tools.ietf.org/html/draft-mattsson-tls-ecdhe-psk-aead-03 >Diff: >https://www.ietf.org/rfcdiff?url2=draft-mattsson-tls-ecdhe-psk-aead-03 > >Abstract: > This document defines several new cipher suites for the Transport > Layer Security (TLS) protocol. The cipher suites are all based on > the Ephemeral Elliptic Curve Diffie-Hellman with Pre-Shared Key > (ECDHE_PSK) key exchange together with the Authenticated Encryption > with Associated Data (AEAD) algorithms AES-GCM and AES-CCM. PSK > provides light and efficient authentication, ECDHE provides perfect > forward secrecy, and AES-GCM and AES-CCM provides encryption and > integrity protection. > > > > > >Please note that it may take a couple of minutes from the time of >submission >until the htmlized version and diff are available at tools.ietf.org. > >The IETF Secretariat > _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls