draft-ietf-tls-cached-info-00.txt   draft-ietf-tls-cached-info-01.txt 
INTERNET-DRAFT S. Santesson (3xA Security) INTERNET-DRAFT S. Santesson (3xA Security)
Intended Status: Proposed Standard Q. Dang (NIST) Intended Status: Proposed Standard Q. Dang (NIST)
Transport Layer Security (TLS) Cached Information Extension Transport Layer Security (TLS) Cached Information Extension
<draft-ietf-tls-cached-info-00.txt> <draft-ietf-tls-cached-info-01.txt>
Status of this Memo Status of this Memo
This Internet-Draft is submitted to IETF in full conformance with the This Internet-Draft is submitted to IETF in full conformance with the
provisions of BCP 78 and BCP 79. provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that Task Force (IETF), its areas, and its working groups. Note that
other groups may also distribute working documents as Internet- other groups may also distribute working documents as Internet-
Drafts. Drafts.
skipping to change at page 2, line 32 skipping to change at page 2, line 32
2 Cached Information Extension 2 Cached Information Extension
A new extension type (cached_information(TBD)) is defined and used in A new extension type (cached_information(TBD)) is defined and used in
both the client hello and server hello messages. The extension type both the client hello and server hello messages. The extension type
is specified as follows. is specified as follows.
enum { enum {
cached_information(TBD), (65535) cached_information(TBD), (65535)
} ExtensionType; } ExtensionType;
The "extension_data" field of this extension SHALL contain The "extension_data" field of this extension, when included in the
"CachedInformation" according to the following structure: client hello, SHALL contain "CachedInformation" according to the
following structure:
enum { enum {
certificate_chain(1), trusted_cas(2), (255) certificate_chain(1), trusted_cas(2), (255)
} CachedInformationType; } CachedInformationType;
struct { struct {
HashAlgorithm hash; HashAlgorithm hash;
opaque hash_value<1..255>; opaque hash_value<1..255>;
} CachedInformationHash; } CachedInformationHash;
skipping to change at page 3, line 21 skipping to change at page 3, line 21
When CachedInformationType identifies certificate_chain, then When CachedInformationType identifies certificate_chain, then
hash_value MUST include at least one hash value calculated over the hash_value MUST include at least one hash value calculated over the
certificate_list element of a server side Certificate message. certificate_list element of a server side Certificate message.
When CachedInformationType identifies trusted_cas, then hash_value When CachedInformationType identifies trusted_cas, then hash_value
MUST include at least one hash value calculated over the MUST include at least one hash value calculated over the
certificate_authorities element of a server side CertificateRequest certificate_authorities element of a server side CertificateRequest
message. message.
The client MUST NOT include hashes for multiple objects in the same
CachedObject structure. If more than one hash is present in the
CachedObject structure, they MUST be hashes over the same information
object using different hash algorithms.
Other specifications MAY define more CachedInformationType types. Other specifications MAY define more CachedInformationType types.
4 Message flow 4 Message flow
Clients MAY include an extension of type "cached_information" in the Clients MAY include an extension of type "cached_information" in the
(extended) client hello, which SHALL contain at least one (extended) client hello, which SHALL contain at least one
CachedObject as specified in section 2. CachedObject as specified in section 2. Clients MAY need the ability
to cache different values depending on other information in the
Client Hello that modify what values the server uses, in particular
the Server Name Indication [RFC4366] value.
Servers that receive an extended client hello containing a Servers that receive an extended client hello containing a
"cached_information" extension, MAY indicate that they support one or "cached_information" extension, MAY indicate that they support
more of the cached information objects by including an extension of caching of information objects by including an extension of type
type "cached_information" in the (extended) server hello, which SHALL "cached_information" with an empty extension_data field in their
contain at least one CachedObject received from the client. The (extended) server hello.
CachedObject's returned by the server MUST include the types the
server supports and has accepted to replace with a hash of the cached
data.
After negotiation of the use of cached certificates has been Following a successful exchange of "cached_information" extensions,
successfully completed (by exchanging hello messages including the server may replace data objects identified through the client
"cached_certs" extensions), the server MUST replace agreed cached extension with any of the CachedInformationHash values received from
information objects in its handshake messages with a corresponding the client, which matches the replaced object.
hash_value from CachedInformationHash that was included in the
cached_information extension of the server hello message.
The handshake protocol will proceed using the cached data as if it The handshake protocol will proceed using the cached data as if it
they were provided in the handshake protocol. The finished message was provided in the handshake protocol. The finished message will
will however be calculated over the actual data exchanged in the however be calculated over the actual data exchanged in the handshake
handshake protocol. That is, the finished message will be calculated protocol. That is, the finished message will be calculated over the
over the hash values of cached information objects and not over the hash values of cached information objects and not over the cached
cached objects that were omitted from transmission. objects that were omitted from transmission.
5 Security Considerations 5 Security Considerations
Hash algorithms used in this specification are required to have Hash algorithms used in this specification are required to have
reasonable random properties in order to provide reasonably unique reasonable random properties in order to provide reasonably unique
identifiers. Failure of a provided hash to correctly and uniquely identifiers. Failure of a provided hash to correctly and uniquely
identify the correct set of hashed parameters may at most lead to a identify the correct set of hashed parameters may at most lead to a
failed TLS handshake followed by a new attempt without the cached failed TLS handshake followed by a new attempt without the cached
information extension. No serious security threat requires selected information extension. No serious security threat requires selected
hash algorithms to have strong collision resistance. hash algorithms to have strong collision resistance.
skipping to change at page 4, line 26 skipping to change at page 4, line 30
1) Create an entry, cached_information(TBD), in the existing registry 1) Create an entry, cached_information(TBD), in the existing registry
for ExtensionType (defined in RFC 5246 [RFC5246]). for ExtensionType (defined in RFC 5246 [RFC5246]).
2) Establish a registry for TLS CachedInformationType values. The 2) Establish a registry for TLS CachedInformationType values. The
first entries in the registry are certificate_chain(1) and first entries in the registry are certificate_chain(1) and
trusted_cas(2). TLS CachedInformationType values in the inclusive trusted_cas(2). TLS CachedInformationType values in the inclusive
range 0-63 (decimal) are assigned via RFC 5226 [RFC5226] Standards range 0-63 (decimal) are assigned via RFC 5226 [RFC5226] Standards
Action. Values from the inclusive range 64-223 (decimal) are Action. Values from the inclusive range 64-223 (decimal) are
assigned via RFC 5226 Specification Required. Values from the assigned via RFC 5226 Specification Required. Values from the
inclusive range 224-255 (decimal) are reserved for RFC 5226 Private inclusive range 224-255 (decimal) are reserved for RFC 5226
Use. Private Use.
7 Normative References 7 Normative References
[RFC2119] S. Bradner, "Key words for use in RFCs to Indicate [RFC2119] S. Bradner, "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, March 1997.
[RFC5226] T. Narten, H. Alvestrand, "Guidelines for Writing an [RFC5226] T. Narten, H. Alvestrand, "Guidelines for Writing an
IANA Considerations Section in RFCs", RFC 5226, IANA Considerations Section in RFCs", RFC 5226,
May 2008.
[RFC5246] T. Dierks, E. Rescorla, "The Transport Layer Security [RFC5246] T. Dierks, E. Rescorla, "The Transport Layer Security
(TLS) Protocol Version 1.2", RFC 5246, August 2008 (TLS) Protocol Version 1.2", RFC 5246, August 2008
[RFC4366] S. Blake-Wilson, M. Nystrom, D. Hopwood, J. Mikkelsen,
T. Wright, "Transport Layer Security (TLS) Extensions",
Authors' Addresses Authors' Addresses
Stefan Santesson Stefan Santesson
3xA Security AB 3xA Security AB
Bjornstorp 744 Bjornstorp 744
247 98 Genarp 247 98 Genarp
Sweden Sweden
EMail: sts@aaa-sec.com EMail: sts@aaa-sec.com
skipping to change at page 5, line 45 skipping to change at page 6, line 25
All IETF Documents and the information contained therein are provided All IETF Documents and the information contained therein are provided
on an "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE on an "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE
REPRESENTS OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE REPRESENTS OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE
IETF TRUST AND THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL IETF TRUST AND THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL
WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY
WARRANTY THAT THE USE OF THE INFORMATION THEREIN WILL NOT INFRINGE WARRANTY THAT THE USE OF THE INFORMATION THEREIN WILL NOT INFRINGE
ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS
FOR A PARTICULAR PURPOSE. FOR A PARTICULAR PURPOSE.
Expires January 2009 Expires December 2009
 End of changes. 12 change blocks. 
28 lines changed or deleted 31 lines changed or added

This html diff was produced by rfcdiff 1.35. The latest version is available from http://tools.ietf.org/tools/rfcdiff/