This update includes guidance clarification, use case expansion, and more text around PSK identity management. At this point, we're seeking any and all feedback from the WG on the current draft. What's missing, misleading, wrong, etc? Please feel free to raise issues here or on the GitHub repository [1].
Thanks! Chris [1] https://github.com/tlswg/external-psk-design-team ----- Original message ----- From: [email protected] To: Jonathan Hoyland <[email protected]>, Mohit Sethi <[email protected]>, Christopher Wood <[email protected]>, Russ Housley <[email protected]>, "Christopher A. Wood" <[email protected]> Subject: New Version Notification for draft-dt-tls-external-psk-guidance-01.txt Date: Monday, April 06, 2020 7:14 AM A new version of I-D, draft-dt-tls-external-psk-guidance-01.txt has been successfully submitted by Christopher A. Wood and posted to the IETF repository. Name: draft-dt-tls-external-psk-guidance Revision: 01 Title: Guidance for External PSK Usage in TLS Document date: 2020-04-06 Group: Individual Submission Pages: 12 URL: https://www.ietf.org/internet-drafts/draft-dt-tls-external-psk-guidance-01.txt Status: https://datatracker.ietf.org/doc/draft-dt-tls-external-psk-guidance/ Htmlized: https://tools.ietf.org/html/draft-dt-tls-external-psk-guidance-01 Htmlized: https://datatracker.ietf.org/doc/html/draft-dt-tls-external-psk-guidance Diff: https://www.ietf.org/rfcdiff?url2=draft-dt-tls-external-psk-guidance-01 Abstract: This document provides usage guidance for external Pre-Shared Keys (PSKs) in TLS. It lists TLS security properties provided by PSKs under certain assumptions and demonstrates how violations of these assumptions lead to attacks. This document also discusses PSK use cases, provisioning processes, and TLS stack implementation support in the context of these assumptions. It provides advice for applications in various use cases to help meet these assumptions. Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org. The IETF Secretariat _______________________________________________ TLS mailing list [email protected] https://www.ietf.org/mailman/listinfo/tls
