The TLS Working Group met on 1 August 2000 at the 48th IETF meeting in Pittsburgh, PA. The meeting was chaired by Win Treese (treese@openmarket.com). Minutes by Win Treese.
Mailing list: ietf-tls@lists.certicom.com
These notes and presentations from the meeting are available at http://www.treese.org/ietf-tls/meetings/00-08/index.html
Note: versions of the PowerPoint slides rendered as images and HTML will be available shortly.
The TLS charter is out of date and needs to be updated. Treese proposed the following new text and milestones:
The TLS Working Group was established in 1996 to standardize a "transport layer" security protocol. The working group began with SSL version 3.0, and in 1999, RFC 2246, TLS Protocol Version 1.0, was published as a Proposed Standard. The working group has also published RFC 2712, Addition of Kerberos Ciphersuites to Transport Layer Security (TLS), as a Proposed Standard, and two RFCs on the use of TLS with HTTP.
The primary purpose of the working group is to advance the TLS Protocol to Internet Standard. In addition, the working group will publish documents defining new ciphersuites for use with TLS as needed.
Milestones
Nov 2000 First revised draft of TLS specification
Apr 2001 Submit specification to IESG for consideration as Draft Standard
This proposal was generally accepted in the room, with final discussion and agreement to forward to the IESG to be done on the mailing list.
The main goal of the working group at this point is to get the TLS specification to Draft Standard. Tim Dierks has agreed to continue as the document editor.
At this time, we don't have any planned major changes for the protocol, so we are hoping to edit the specification for clarity and to refine a few points. Any proposed changes (major or minor) should be sent to the mailing list.
Tim Wright <timothy.wright@vf.vodafone.co.uk>, chair of the WAP Security Group, gave a presentation proposing some changes to TLS to make it more suitable for use with wireless and mobile devices. This work is based on experience with the current security protocol defined by the WAP Forum, called WTLS (despite the similarity in names, the two protocols are only loosely related today).
Tim agreed that he would submit an Internet Draft proposing specific changes before the next meeting.
Tim's slides: [PowerPoint]
Misty-1: Hirosato Tsuji and Toshio Tokita of Mitsubishi Electric Corporation gave a presentation proposing a new set of ciphersuites based on the Misty-1 cipher. These ciphersuites would not be defined in a standards-track document. They have an Internet Draft in preparation, but it is not yet available.
Tokita slides: [PowerPoint]
Camellia et al: Shiho Moriai <shiho@isl.ntt.co.jp> of NTT Laboratories proposed adding new ciphersuites for the Camellia, EPOC, and PSEC algorithms. These ciphersuites would not be defined in a standards-track document. There is an Internet Draft in preparation, but it is not yet available.
Moriai slides: [PowerPoint]
SEED/HAS-160: Joo-won Jung <jwjung@initech.com> and ChangHee Lee <chlee@initech.com> of INITECH, Inc., have submitted an Internet Draft defining a ciphersuite based on the SEED and HAS-160 algorithms. The Internet Draft is available as draft-ietf-tls-seedhas-00.txt. This ciphersuite is not proposed for the standards track. Unfortunately, they were not able to attend, so there was no relevant discussion at the meeting. However, some slides are available.
Jung slides: [PowerPoint]
Vipul Gupta <Vipul.Gupta@Eng.Sun.COM> gave a presentation about experiences implementing TLS on a handheld device. His slides are available at http://playground.sun.com/~vgupta/KSSL.