Internet-Draft draft-ietf-tls-extended-key-update-05.txt is now available. It
is a work item of the Transport Layer Security (TLS) WG of the IETF.

   Title:   Extended Key Update for Transport Layer Security (TLS) 1.3
   Authors: Hannes Tschofenig
            Michael Tüxen
            Tirumaleswar Reddy
            Steffen Fries
            Yaroslav Rosomakho
   Name:    draft-ietf-tls-extended-key-update-05.txt
   Pages:   18
   Dates:   2025-07-07

Abstract:

   TLS 1.3 ensures forward secrecy by performing an ephemeral Diffie-
   Hellman key exchange during the initial handshake, protecting past
   communications even if a party's long-term keys are later
   compromised.  While the built-in KeyUpdate mechanism allows traffic
   keys to be refreshed during a session, it does not introduce new
   forward-secret key material.  This limitation can pose a security
   risk in long-lived sessions, such as those found in industrial IoT or
   telecommunications environments.

   To address this, this specification defines an extended key update
   mechanism that performs a fresh Diffie-Hellman exchange within an
   active session, thereby re-establishing forward secrecy beyond the
   initial handshake.  By forcing attackers to exfiltrate new key
   material repeatedly, this approach mitigates the risks associated
   with static key compromise.  Regular renewal of session keys helps
   contain the impact of such compromises.  The extension is applicable
   to both TLS 1.3 and DTLS 1.3.

The IETF datatracker status page for this Internet-Draft is:
https://datatracker.ietf.org/doc/draft-ietf-tls-extended-key-update/

There is also an HTMLized version available at:
https://datatracker.ietf.org/doc/html/draft-ietf-tls-extended-key-update-05

A diff from the previous version is available at:
https://author-tools.ietf.org/iddiff?url2=draft-ietf-tls-extended-key-update-05

Internet-Drafts are also available by rsync at:
rsync.ietf.org::internet-drafts
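
The abstract's statement that KeyUpdate introduces no new forward-secret key material, shown as an added example (not part of this announcement or of the draft): the RFC 8446 KeyUpdate derivation takes only the current traffic secret as input, so a copy of one generation determines every later one. SECRET_0 and the helper names are constructed for illustration.

```python
import hashlib
import hmac
import struct

HASH = hashlib.sha256          # hash of TLS_AES_128_GCM_SHA256
HASH_LEN = HASH().digest_size  # 32 bytes

def hkdf_expand(prk: bytes, info: bytes, length: int) -> bytes:
    """HKDF-Expand (RFC 5869)."""
    out, block, counter = b"", b"", 1
    while len(out) < length:
        block = hmac.new(prk, block + info + bytes([counter]), HASH).digest()
        out += block
        counter += 1
    return out[:length]

def hkdf_expand_label(secret: bytes, label: str, context: bytes, length: int) -> bytes:
    """HKDF-Expand-Label (RFC 8446, section 7.1)."""
    full_label = b"tls13 " + label.encode("ascii")
    info = (struct.pack("!H", length)
            + bytes([len(full_label)]) + full_label
            + bytes([len(context)]) + context)
    return hkdf_expand(secret, info, length)

def key_update(traffic_secret: bytes) -> bytes:
    """application_traffic_secret_N+1 for KeyUpdate (RFC 8446, section 7.2)."""
    return hkdf_expand_label(traffic_secret, "traffic upd", b"", HASH_LEN)

def traffic_keys(traffic_secret: bytes) -> tuple[bytes, bytes]:
    """AES-128-GCM write key and IV (RFC 8446, section 7.3)."""
    return (hkdf_expand_label(traffic_secret, "key", b"", 16),
            hkdf_expand_label(traffic_secret, "iv", b"", 12))

def secret_after(traffic_secret: bytes, updates: int) -> bytes:
    """Apply the KeyUpdate derivation `updates` times."""
    for _ in range(updates):
        traffic_secret = key_update(traffic_secret)
    return traffic_secret

# Constructed sample value standing in for application_traffic_secret_0.
SECRET_0 = hashlib.sha256(b"constructed sample secret").digest()

if __name__ == "__main__":
    endpoint = secret_after(SECRET_0, 5)        # endpoint state after five KeyUpdates
    copied_at_2 = secret_after(SECRET_0, 2)     # copy of the secret taken at generation 2
    recomputed = secret_after(copied_at_2, 3)   # needs no further input from the session
    print(recomputed == endpoint, traffic_keys(recomputed) == traffic_keys(endpoint))
```

The extended key update described in the abstract breaks this chain by running a fresh Diffie-Hellman exchange inside the session; the draft's own key schedule is not modelled here.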

