A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the Transport Layer Security WG of the IETF.
Title : Guidance for External PSK Usage in TLS
Authors : Russ Housley
Jonathan Hoyland
Mohit Sethi
Christopher A. Wood
Filename : draft-ietf-tls-external-psk-guidance-05.txt
Pages : 16
Date : 2022-01-11
Abstract:
This document provides usage guidance for external Pre-Shared Keys
(PSKs) in Transport Layer Security (TLS) 1.3 as defined in RFC 8446.
It lists TLS security properties provided by PSKs under certain
assumptions, and then demonstrates how violations of these
assumptions lead to attacks. Advice for applications to help meet
these assumptions is provided. It also discusses PSK use cases and
provisioning processes. Finally, it lists the privacy and security
properties that are not provided by TLS 1.3 when external PSKs are
used.
The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-ietf-tls-external-psk-guidance/
There is also an HTML version available at:
https://www.ietf.org/archive/id/draft-ietf-tls-external-psk-guidance-05.html
A diff from the previous version is available at:
https://www.ietf.org/rfcdiff?url2=draft-ietf-tls-external-psk-guidance-05
Internet-Drafts are also available by rsync at rsync.ietf.org::internet-drafts
_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
