If I understand this draft correctly, this draft describes server behavior. It does not change anything within the TLS 1.3 protocol. IOW a server doing this will interoperate with any client.
I searched the tls13 draft to see if it has anything to say about this, and the only thing I found was this line in appendix D.1: If fresh (EC)DHE keys are used for each connection, then the output keys are forward secret. So a server is not required to generate fresh (EC)DHE keys for each connection. In fact, generating fresh keys periodically and discarding the old ones are a legitimate way to achieve forward secrecy. What this draft does differently is to save the old (EC)DHE private keys, which loses the forward secrecy. So given that what the draft proposes is possible with the current TLS 1.3, what do the proponents want? Is it just to have a document that describes this server behavior? Yoav On 15 Nov 2016, at 8:21, Sean Turner <s...@sn3rd.com> wrote: > Please note that this draft is related to the agenda item: > > - TLS Visibility Inside the Data Center > > spt > >> Begin forwarded message: >> >> From: internet-dra...@ietf.org >> Subject: I-D Action: draft-green-tls-static-dh-in-tls13-00.txt >> Date: November 14, 2016 at 15:36:49 GMT+9 >> To: <i-d-annou...@ietf.org> >> Reply-To: internet-dra...@ietf.org >> >> >> A New Internet-Draft is available from the on-line Internet-Drafts >> directories. >> >> >> Title : Data Center use of Static Diffie-Hellman in TLS 1.3 >> Author : Matthew Green >> Filename : draft-green-tls-static-dh-in-tls13-00.txt >> Pages : 4 >> Date : 2016-11-13 >> >> Abstract: >> Unlike earlier versions of TLS, current drafts of TLS 1.3 have >> instead adopted ephemeral-mode Diffie-Hellman and elliptic-curve >> Diffie-Hellman as the primary cryptographic key exchange mechanism >> used in TLS. This document describes an optional configuration for >> TLS servers that allows for the use of a static Diffie-Hellman secret >> for all TLS connections made to the server. Passive monitoring of TLS >> connections can be enabled by installing a corresponding copy of this >> key in each monitoring device. >> >> >> The IETF datatracker status page for this draft is: >> https://datatracker.ietf.org/doc/draft-green-tls-static-dh-in-tls13/ >> >> There's also a htmlized version available at: >> https://tools.ietf.org/html/draft-green-tls-static-dh-in-tls13-00 >> >> >> Please note that it may take a couple of minutes from the time of submission >> until the htmlized version and diff are available at tools.ietf.org. >> >> Internet-Drafts are also available by anonymous FTP at: >> ftp://ftp.ietf.org/internet-drafts/ >> >> _______________________________________________ >> I-D-Announce mailing list >> i-d-annou...@ietf.org >> https://www.ietf.org/mailman/listinfo/i-d-announce >> Internet-Draft directories: http://www.ietf.org/shadow.html >> or ftp://ftp.ietf.org/ietf/1shadow-sites.txt > > _______________________________________________ > TLS mailing list > TLS@ietf.org > https://www.ietf.org/mailman/listinfo/tls _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
