TLS WG Minutes -- San Jose IETF December 1996

             TLS WG Minutes -- San Jose IETF December 1996


The TLS group covered two main topics at it's WG meeting. A proposal
to take the latest TLS draft (edited by Dierks/Allen) as the
starting point was offered. It was proposed that this document plus
a limited set of presented changes be submitted for publication.
After some debate and some advice from the AD, this proposal was
agreed to, unanimously, by the group. The next step for the group is
to proceed with a working group last call on the draft (with the
short modifications list integrated.)  After this the group plans to
discuss changes to the base TLS protocol, as there are several
proposals now on the table.


There was discussion regarding a short list of modifications to the
existing SSL 3 work. It was suggested that the working group adopt
this short list and submit the resulting draft as a proposed TLS 1.0
standard. This point was considered in some detail by the group, and
significant advice was provided by the Area Director, Jeff Schiller.
It was agreed that further modifications to the TLS protocol beyond
the short list would take place after a draft has been completed and
submitted. Milestones are:

    Jan. 6, 1997      Draft with proposed modifications to list
    Jan. 20, 1997     Conclusion of comments/discussion
    Feb. 3, 1997      Changes incorporated, submit draft to IESG
    March, 1997       Memphis IETF, new business


A total of approximately 300 IETF members attended the TLS WG
meeting on 9 December 1996. Christopher Allen presided over the
meeting. Win Treese, WG chair, was not able to attend. Rodney Thayer
and Jonathan Zamick prepared these meeting minutes.

The agenda was:
    Announcements and Introductions
    Presentation of current documents
    Presentation of TLS 1.0 Draft and Proposed Modifications
    Quick Topics:
        Presentation of TLS Compression proposal
        Presentation of TLS FTP proposal
        Presentation of TLS Kerberos proposal
        Presentation of TLS Password Authorization proposal
    Wrap-up and summary of new milestones

Christopher Allen welcomed the attendees to the meeting. Win Treese,
WG chair, was unable to attend due to personal commitments.
Approximately half the members present indicated they follow the
mailing list. It was announced that the WG chair has asked
Christopher Allen and Tim Dierks to edit the TLS document. Cylink
announced they are looking for partners for a TLS effort. There is
an SSL FAQ, copies were handed out. Terisa announced they have an
SSL implementation. There is a group investigating certificate
storage on media or offline. Compuserve (R. Petke) announced they
are doing work on remote passphrase authentication, and gave
pointers to some drafts. They are also looking into NNTP and POP3. A
summary of E-mail addresses and URL's is included at the end of the

Tim Dierks presented the TLS 1.0 document. This is essentially the
same as the SSL 3 document (the protocol specifies the same 'bits on
the wire'). He explained that the strategy, as decided at the
Montreal IETF meeting, was for TLS to be based on SSL revision 3, as
opposed to SSL 2 or SSH or PCT or some other transport layer
security proposal. The intent is that this document, with a minimal
set of modifications, be moved forward towards proposed standard.

Tim then presented the modifications document, which contains ten
items. These are mostly very minor points of clarification. The
three major points are that (1) the MAC should change to align with
current IETF HMAC thinking, (2) Fortezza was removed as it is a
proprietary unpublished technology, and (3) the record layer and
handshake layer are to be separated out. There was some discussion
of this, as there were individuals in the group who initially did
not agree with the view that these were "minor" changes or that this
was an appropriate list of limited modifications.

Jeff Schiller (Area Directory for Security) participated in this. He
offered the (somewhat stern) observation that the WG has a
responsibility to produce progress, and that if the WG does not show
progress the IESG can and may dispand it. This then led the group to
come to the consensus that the base document plus the modifications
should be combined into a single document that can be submitted for
consideration as a proposed standard.

In the end, the numbers worked out like this:  30-40 people
indicated they had read the documents. Of these, several had initial
objections but withdrew them. There were several points that were
brought up and it was suggested they be considered later. These
were:  a service definition or API, clarity on use of distinguished
names and certificates in general, and password (non-certificate)

Bob Monsour presented a proposal to incorporate compression, as a
CipherSuite, into TLS. A draft was made available the week after the

Paul Ford-Hutchinson presented some work on a TLS-based FTP client
and server. It was noted that this is in some ways more complex then
the HTTP case as there are two TCP connections and the issue of who
is the TLS client and who is the server becomes significant. Also he
pointed out that if the control circuit is encrypted, the data
circuit should be too.

Ari Medvinsky presented some work on using Kerberos as an
authentication mechanism for TLS. The idea is that Kerberos would be
used to replace RSA or DSS for key exchange. The premaster secret
would be sent protected with a Kerberos session key.

Dan Simon presented some work on password authentication and how it
would fit into the TLS framework. Tim Dierks proposed that we
separate "SKAP" (Shared Key Authentication) from the transport
protocol. The use of passwords for shared key authentication was
presented with the reasoning being that passwords are still in wide
use, as opposed to certificates, and the password would be protected
because it would not be transmitted in the clear.

Christopher Allen wrapped up the meeting by reviewing the items
covered, and the proposed next goals. Tim Dierks has an action item
to get the TLS document merged and edited by mid-January for review
by the Working Group.

    TLS Working Group email list:
, To subscribe send to,
          put 'subscribe' in the subject.

    TLS and related documents (in Internet Drafts directory unless
    otherwise noted):
        . draft-ietf-tls-ssl-3-00.txt
        . draft-ietf-tls-ssl-mods-00.txt
        . SSL Reference implementation available at

        . draft-ietf-tls-xxx compression
        . draft-murray-auth-ftp-ssl-00.txt
        . draft-ietf-tls-kerb-cipher-suites-00.txt, reference implementation
          available at
        . draft-ietf-tls-pathauth-00.txt
        . HMAC: draft-ietf-ipsec-hmac-md5-01.txt
        . Remote Passphrase: draft-petke-ext-intro-00.txt, draft-petke-mech-
          00.txt, draft-petke-http-auth-scheme-00.txt, draft-petke-serv-
        . SSL FAQ:

     TLS Working Group Chairman:
        Win Treese <>
     TLS Editors:
        Christopher Allen <>
        Tim Dierks <>
     Area Director:
        Jeff Schiller <>
     Certificate Storage (Working Group):, put 'subscribe' as the subject.
     Compuserve Remote Passphrase:,
        Rodney Thayer <>
        Jonathan Zamick <>

..Christopher Allen                  Consensus Development Corporation..
..<>                 1563 Solano Avenue #355..
..                                             Berkeley, CA 94707-2116..
..Home of "SSL Plus:                      o510/559-1500  f510/559-1505..
..  SSL 3.0 Integration Suite(tm)" <>..

Received on Thursday, 19 December 1996 15:54:21 UTC