A new Request for Comments is now available in online RFC libraries.
RFC 9150
Title: TLS 1.3 Authentication and Integrity-Only
Cipher Suites
Author: N. Cam-Winget,
J. Visoky
Status: Informational
Stream: Independent
Date: April 2022
Mailbox: [email protected],
[email protected]
Pages: 10
Updates/Obsoletes/SeeAlso: None
I-D Tag: draft-camwinget-tls-ts13-macciphersuites-12.txt
URL: https://www.rfc-editor.org/info/rfc9150
DOI: 10.17487/RFC9150
This document defines the use of cipher suites for TLS 1.3 based on
Hashed Message Authentication Code (HMAC). Using these cipher suites
provides server and, optionally, mutual authentication and data
authenticity, but not data confidentiality. Cipher suites with these
properties are not of general applicability, but there are use cases,
specifically in Internet of Things (IoT) and constrained
environments, that do not require confidentiality of exchanged
messages while still requiring integrity protection, server
authentication, and optional client authentication. This document
gives examples of such use cases, with the caveat that prior to using
these integrity-only cipher suites, a threat model for the situation
at hand is needed, and a threat analysis must be performed within
that model to determine whether the use of integrity-only cipher
suites is appropriate. The approach described in this document is not
endorsed by the IETF and does not have IETF consensus, but it is
presented here to enable interoperable implementation of a
reduced-security mechanism that provides authentication and message
integrity without supporting confidentiality.
INFORMATIONAL: This memo provides information for the Internet community.
It does not specify an Internet standard of any kind. Distribution of
this memo is unlimited.
This announcement is sent to the IETF-Announce and rfc-dist lists.
To subscribe or unsubscribe, see
https://www.ietf.org/mailman/listinfo/ietf-announce
https://mailman.rfc-editor.org/mailman/listinfo/rfc-dist
For searching the RFC series, see https://www.rfc-editor.org/search
For downloading RFCs, see https://www.rfc-editor.org/retrieve/bulk
Requests for special distribution should be addressed to either the
author of the RFC in question, or to [email protected]. Unless
specifically noted otherwise on the RFC itself, all RFCs are for
unlimited distribution.
The RFC Editor Team
Association Management Solutions, LLC
_______________________________________________
IETF-Announce mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/ietf-announce
