draft-ietf-tls-cached-info-05.txt   draft-ietf-tls-cached-info-06.txt 
INTERNET-DRAFT S. Santesson (3xA Security) INTERNET-DRAFT S. Santesson (3xA Security)
Intended Status: Proposed Standard Intended Status: Proposed Standard
Expires: September 27, 2010 March 26, 2010 Expires: October 1, 2010 March 30, 2010
Transport Layer Security (TLS) Cached Information Extension Transport Layer Security (TLS) Cached Information Extension
<draft-ietf-tls-cached-info-05.txt> <draft-ietf-tls-cached-info-06.txt>
Abstract Abstract
This document defines a Transport Layer Security (TLS) extension for This document defines a Transport Layer Security (TLS) extension for
cached information. This extension allows the TLS client to inform a cached information. This extension allows the TLS client to inform a
server of cached information from previous TLS sessions, allowing the server of cached information from previous TLS sessions, allowing the
server to omit sending cached static information to the client during server to omit sending cached static information to the client during
the TLS handshake protocol exchange. the TLS handshake protocol exchange.
Status of this Memo Status of this Memo
skipping to change at page 2, line 31 skipping to change at page 2, line 31
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3
1.1. Terminology . . . . . . . . . . . . . . . . . . . . . . . 3 1.1. Terminology . . . . . . . . . . . . . . . . . . . . . . . 3
2. Cached Information Extension . . . . . . . . . . . . . . . . . 4 2. Cached Information Extension . . . . . . . . . . . . . . . . . 4
4. Extension Exchange . . . . . . . . . . . . . . . . . . . . . . 5 4. Extension Exchange . . . . . . . . . . . . . . . . . . . . . . 5
4.1. Reconnaissance . . . . . . . . . . . . . . . . . . . . . . 5 4.1. Reconnaissance . . . . . . . . . . . . . . . . . . . . . . 5
4.2. Cached Information . . . . . . . . . . . . . . . . . . . . 5 4.2. Cached Information . . . . . . . . . . . . . . . . . . . . 5
5. Data Substitution . . . . . . . . . . . . . . . . . . . . . . . 6 5. Data Substitution . . . . . . . . . . . . . . . . . . . . . . . 6
5.1. Data Substitution Syntax for certificate_chain . . . . . . 6 5.1. Data Substitution Syntax for certificate_chain . . . . . . 6
5.2. Data Substitution Syntax for trusted_cas . . . . . . . . . 7 5.2. Data Substitution Syntax for trusted_cas . . . . . . . . . 7
6. Security Considerations . . . . . . . . . . . . . . . . . . . . 7 6. Security Considerations . . . . . . . . . . . . . . . . . . . . 8
7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . . 8 7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . . 8
8. Normative References . . . . . . . . . . . . . . . . . . . . . 8 8. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 8
Annex A - 64 bit FNV-1 Digest . . . . . . . . . . . . . . . . . . . 9 9. Normative References . . . . . . . . . . . . . . . . . . . . . 8
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 10 Annex A - 64 bit FNV-1a digest . . . . . . . . . . . . . . . . . 10
A.1. Definition (Normative) . . . . . . . . . . . . . . . . . 10
A.2 Example code (Informative) . . . . . . . . . . . . . . . 11
A.3. Digest samples (Informative) . . . . . . . . . . . . . . 12
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 13
1. Introduction 1. Introduction
TLS handshakes often include fairly static information such as server TLS handshakes often include fairly static information such as server
certificate and a list of trusted Certification Authorities (CAs). certificate and a list of trusted Certification Authorities (CAs).
Static information such as a server certificate can be of Static information such as a server certificate can be of
considerable size. This is the case in particular if the server considerable size. This is the case in particular if the server
certificate is bundled with a complete certificate path, including certificate is bundled with a complete certificate path, including
all intermediary certificates up to the trust anchor public key. all intermediary certificates up to the trust anchor public key.
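Review bot: The table of contents goes from "2. Cached Information Extension" straight to "4. Extension Exchange" in both -05 and -06, so section 3 is either missing from the listing or the numbering is off. Since this revision already touches the TOC for the new section 8 and the Annex A subsections, fix that here too. The new entry "A.2 Example code (Informative)" also lacks the period after the number that "A.1." and "A.3." carry.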
skipping to change at page 8, line 19 skipping to change at page 8, line 30
2) Establish a registry for TLS CachedInformationType values. The 2) Establish a registry for TLS CachedInformationType values. The
first entries in the registry are certificate_chain(1) and first entries in the registry are certificate_chain(1) and
trusted_cas(2). TLS CachedInformationType values in the inclusive trusted_cas(2). TLS CachedInformationType values in the inclusive
range 0-63 (decimal) are assigned via RFC 5226 [RFC5226] Standards range 0-63 (decimal) are assigned via RFC 5226 [RFC5226] Standards
Action. Values from the inclusive range 64-223 (decimal) are Action. Values from the inclusive range 64-223 (decimal) are
assigned via RFC 5226 Specification Required. Values from the assigned via RFC 5226 Specification Required. Values from the
inclusive range 224-255 (decimal) are reserved for RFC 5226 inclusive range 224-255 (decimal) are reserved for RFC 5226
Private Use. Private Use.
8. Normative References 8. Acknowledgements
The author acknowledge input from many members of the TLS working
group, Martin Rex for extensive review and input and Marsh Ray for
testing and providing digest samples.
9. Normative References
[RFC2119] S. Bradner, "Key words for use in RFCs to Indicate [RFC2119] S. Bradner, "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, March 1997 Requirement Levels", BCP 14, RFC 2119, March 1997
[RFC5226] T. Narten, H. Alvestrand, "Guidelines for Writing an IANA [RFC5226] T. Narten, H. Alvestrand, "Guidelines for Writing an IANA
Considerations Section in RFCs", RFC 5226, May 2008 Considerations Section in RFCs", RFC 5226, May 2008
[RFC5246] T. Dierks, E. Rescorla, "The Transport Layer Security [RFC5246] T. Dierks, E. Rescorla, "The Transport Layer Security
(TLS) Protocol Version 1.2", RFC 5246, August 2008 (TLS) Protocol Version 1.2", RFC 5246, August 2008
[RFC4366] S. Blake-Wilson, M. Nystrom, D. Hopwood, J. Mikkelsen, T. [RFC4366] S. Blake-Wilson, M. Nystrom, D. Hopwood, J. Mikkelsen, T.
Wright, "Transport Layer Security (TLS) Extensions", RFC Wright, "Transport Layer Security (TLS) Extensions", RFC
4366, April 2006 4366, April 2006
NOTE: RFC 4366 will be updated by RFC4366bis, currently in IESG NOTE: RFC 4366 will be updated by RFC4366bis, currently in IESG
process. process.
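Review bot: The new Acknowledgements sentence reads "The author acknowledge input", which should be "The author acknowledges input", since the draft lists a single author. Commas after "working group" and after "review and input" would also make the three credits easier to read.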
Annex A - 64 bit FNV-1 Digest Annex A - 64 bit FNV-1a digest
A.1. Definition (Normative)
FNV-1 digest algorithm is a non-cryptographic hash function created FNV-1 digest algorithm is a non-cryptographic hash function created
by Glenn Fowler, Landon Curt Noll, and Phong Vo. The FNV digest by Glenn Fowler, Landon Curt Noll, and Phong Vo. The FNV digest
algorithms and sample FNV source code have been released into the algorithms and sample FNV source code have been released into the
public domain. public domain. FNV-1 has two defined variants, FNV-1 and FNV-1a. The
algorithm specified in this annex specifies the FNV-1a variant.
The FNV-1 digest is generated as follows: The FNV-1a digest is generated as follows:
digest = FNV_offset_basis digest = FNV_offset_basis
for each octet_of_data to be digested for each octet_of_data to be digested {
digest = digest * FNV_prime digest = digest XOR octet_of_data
digest = digest XOR octet_of_data digest = digest * FNV_prime }
return digest return digest
In the above pseudocode, all variables are unsigned integers. All In the above pseudocode, all variables are unsigned integers. All
variables, except for octet_of_data, have the same number of bits as variables, except for octet_of_data, have the same number of bits as
the FNV digest (64 Bits). The variable, octet_of_data, is an 8 bit the FNV digest (64 Bits). The variable, octet_of_data, is an 8 bit
unsigned integer. Specifically for a 64 bit FNV-1 digest the unsigned integer. Specifically for a 64 bit FNV-1a digest the
following applies: following applies:
o All variables, except for octet_of_data, are 64-bit unsigned o All variables, except for octet_of_data, are 64-bit unsigned
integers. integers.
o The variable, octet_of_data, is an 8 bit unsigned integer. o The variable, octet_of_data, is an 8 bit unsigned integer.
o The FNV_offset_basis is the 64-bit FNV offset basis value: o The FNV_offset_basis is the 64-bit FNV offset basis value:
14695981039346656037. 14695981039346656037.
o The FNV_prime is the 64-bit FNV prime value: 1099511628211. o The FNV_prime is the 64-bit FNV prime value: 1099511628211.
o The multiply function (indicated by the '*' symbol) returns the o The multiply function (indicated by the '*' symbol) returns the
lower 64-bits of the product. lower 64-bits of the product.
o The XOR is an 8-bit operation that modifies only the lower 8-bits o The XOR is an 8-bit operation that modifies only the lower 8-bits
of the digest value. of the digest value.
o The digest value returned is an 64-bit unsigned integer. o The digest value returned is an 64-bit unsigned integer.
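Review bot: Swapping the loop body to XOR first and then multiply changes the digest for every non-empty input, so values computed per -05 will not match -06, and nothing in the visible A.1 text tells implementers of the earlier draft that the digest changed. A one-line note to that effect would help. The wording around it is also inconsistent: the first sentence still opens with "FNV-1 digest algorithm", and "FNV-1 has two defined variants, FNV-1 and FNV-1a" names the variant as its own parent; calling the family "FNV" fixes both. "The algorithm specified in this annex specifies" can be reduced to "This annex specifies", the closing brace in the pseudocode should sit on its own line rather than after "digest * FNV_prime", and "an 64-bit" in the last bullet should be "a 64-bit".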
A.2 Example code (Informative)
/**
* Java example code implementing FNV-1a according to Annex A
*/
import java.math.BigInteger;
public class FNV {
static public BigInteger getFNV1a64Digest (String inpString) {
BigInteger m = new BigInteger("2").pow(64);
BigInteger fnvPrime = new BigInteger("1099511628211");
BigInteger fnvOffsetBasis = new BigInteger
("14695981039346656037");
BigInteger digest = fnvOffsetBasis;
for (int i = 0; i < inpString.length(); i++) {
digest = digest.xor(BigInteger.valueOf(
(int) inpString.charAt(i)));
digest = digest.multiply(fnvPrime).mod(m);
}
return (digest);
}
}
A.3. Digest samples (Informative)
Digest samples for 64 bit FNV-1a according to A.1.
For input data:
null ("")
0 bytes
Digest is: CB F2 9C E4 84 22 23 25
For input data:
hex: 61 ("a")
1 byte
Digest is: AF 63 DC 4C 86 01 EC 8C
For input data:
hex: FF 00 00 01
4 bytes
Digest is: 69 61 19 64 91 CC 68 2D
For input data:
hex: 68 74 74 70 3A 2F 2F 65 6E 2E 77 69 6B 69 70 65
64 69 61 2E 6F 72 67 2F 77 69 6B 69 2F 46 6F 77
6C 65 72 5F 4E 6F 6C 6C 5F 56 6F 5F 68 61 73 68
("http://en.wikipedia.org/wiki/Fowler_Noll_Vo_hash")
48 bytes
Digest is: D9 B9 57 FB 7F E7 94 C5
Authors' Addresses Authors' Addresses
Stefan Santesson Stefan Santesson
3xA Security AB 3xA Security AB
Bjornstorp 744 Bjornstorp 744
247 98 Genarp 247 98 Genarp
Sweden Sweden
EMail: sts@aaa-sec.com EMail: sts@aaa-sec.com
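Review bot: The Java example in A.2 hashes a String one char at a time with "(int) inpString.charAt(i)", but A.1 defines the input as octets and the XOR as touching only the lower 8 bits of the digest. A Java char is 16 bits, so any character above 0xFF would XOR into bits that A.1 says stay untouched. The third A.3 sample (hex FF 00 00 01) is also raw octets rather than text, so it cannot be passed to this method without first being forced into a String. Suggest changing the method to take a byte[] and XOR each element masked with 0xFF, which matches the normative text and lets all four A.3 samples be checked directly. In A.3, the label 'null ("")' for the 0-byte case would be clearer as "empty input", since null and the empty string are different things to a Java reader.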
 End of changes. 11 change blocks. 
14 lines changed or deleted 88 lines changed or added

This html diff was produced by rfcdiff 1.38. The latest version is available from http://tools.ietf.org/tools/rfcdiff/