TLS working group meeting, 1 August 2000

The TLS Working Group met on 1 August 2000 at the 48th IETF meeting in Pittsburgh, PA.

Minutes by Win Treese. The meeting was chaired by Win Treese <treese@openmarket.com>.

Mailing list: ietf-tls@lists.certicom.com

These notes and presentations from the meeting are available at http://www.treese.org/ietf-tls/meetings/00-08/index.html

Agenda

  1. Update TLS charter
  2. Getting to Draft Standard
  3. Presentation and discussion on WTLS (Wireless Transport Layer Security)
  4. Proposed cipher suite specifications
  5. Presentation: TLS on mobile devices (Vipul Gupta)

New charter

The TLS charter is out of date and needs to be updated. Treese proposed the following new text and milestones:
The TLS Working Group was established in 1996 to standardize a "transport layer" security protocol. The working group began with SSL version 3.0, and in 1999, RFC 2246, TLS Protocol Version 1.0 was published as a Proposed Standard. The working group has also published RFC 2712, Addition of Kerberos Cipher Suites to Transport Layer Security (TLS) as a Proposed Standard, and two RFCs on the use of TLS with HTTP.

The primary purpose of the working group is to advance the TLS Protocol to Internet Standard. In addition, the working group will publish documents defining new ciphersuites for use with TLS as needed.

Milestones

Nov 2000 First revised draft of TLS specification
April 2001 Submit specification to IESG for consideration as Draft Standard

This proposal was generally accepted in the room, with final discussion and agreement to forward to the IESG to be done on the mailing list.

Getting to Draft Standard

The main goal of the working group at this point is to get the TLS specification to Draft Standard. Tim Dierks has agreed to continue as the document editor.

At this time, we don't have any planned major changes for the protocol, so we are hoping to edit the specification for clarity and to refine a few points. Any proposed changes (major or minor) should be sent to the mailing list.

Presentation: Wireless Transport Layer Security (WTLS)

Tim Wright <timothy.wright@vf.vodafone.co.uk>, chair of the WAP Security Group, gave a presentation proposing some changes to TLS to make it more suitable for use with wireless and mobile devices. This work is based on experience with the current security protocol defined by the WAP Forum, called WTLS (despite the similarity in names, the two protocols are only loosely related today).

Tim agreed that he would submit an Internet Draft proposing specific changes before the next meeting.

Tim's slides: [PowerPoint]

Proposed cipher suite specifications

Misty-1: Hirosato Tsuji and Toshio Tokita of Mitsubishi Electric Corporation gave a presentation proposing a new set of cipher suites based on the Misty-1 cipher. These cipher suites would not be defined in a standards-track document. They have an Internet Draft in preparation, but it is not yet available.

Tokita slides: [PowerPoint]

Camellia et al: Shiho Moriai <shiho@isl.ntt.co.jp> of NTT Laboratories proposed adding new cipher suites for the Camellia, EPOC, and PSEC algorithms. These cipher suites would not be defined in a standards-track document. There is an Internet Draft in preparation, but it is not yet available.

Moriai slides: [PowerPoint]

SEED/HAS-160: Also, Joo-won Jung <jwjung@initech.com> and ChangHee Lee <chlee@initech.com> of INITECH, Inc., have submitted an Internet Draft defining a cipher suite based on the SEED and HAS-160 algorithms. An Internet Draft is available at ftp://ftp.ietf.org/internet-drafts/draft-ietf-tls-seedhas-00.txt This cipher suite is not proposed for the standards track. Unfortunately, they were not able to attend, so there was no relevant discussion at the meeting. However, some slides are available.

Jung slides: [PowerPoint]

Presentation: End-to-end Security for Small Devices (Vipul Gupta)

Vipul Gupta <Vipul.Gupta@Eng.Sun.COM> gave a presentation about experiences implementing TLS on a handheld device. His slides are available at http://playground.sun.com/~vgupta/KSSL