Hi all,We (Songbo and I) would like to request adoption of -09. This version adds a possible template for:
1. threat model (Sec. 3.2.3) and 2. informal security goals (Sec. 3.3.1)which -- in our experience and as authors of draft-wang-tls-service-affinity requested -- the authors of (adopted and individual) drafts in the WG, in general, find the most difficult to get right.
We hope this draft will help bring the authors, implementers and formal analysis enthusiasts on the same page to lower down the temperature of the room.
Welcome any comments or thoughts and we will address those at priority.In particular, we request feedback from FATT and authors of (adopted and individual) drafts in the WG.
Best regards, Usama and Songbo -------- Forwarded Message --------Subject: New Version Notification for draft-usama-tls-fatt-extension-09.txt
Date: Mon, 06 Jul 2026 04:13:25 -0700 From: [email protected]To: Muhammad Sardar <[email protected]>, Muhammad Usama Sardar <[email protected]>, Songbo Bu <[email protected]>
A new version of Internet-Draft draft-usama-tls-fatt-extension-09.txt has been
successfully submitted by Muhammad Usama Sardar and posted to the IETF repository. Name: draft-usama-tls-fatt-extension Revision: 09 Title: Proposed Document Template for TLS FATT Process Date: 2026-07-06 Group: Individual Submission Pages: 14 URL: https://www.ietf.org/archive/id/draft-usama-tls-fatt-extension-09.txt Status: https://datatracker.ietf.org/doc/draft-usama-tls-fatt-extension/ HTML: https://www.ietf.org/archive/id/draft-usama-tls-fatt-extension-09.htmlHTMLized: https://datatracker.ietf.org/doc/html/draft-usama-tls-fatt-extension Diff: https://author-tools.ietf.org/iddiff?url2=draft-usama-tls-fatt-extension-09
Abstract: This document applies only to non-trivial extensions of TLS, which require formal analysis. FATT process has successfully discovered CVEs of *CVSS 7.5* and most recently expected *CVSS 9.1* in the *production* implementations of the drafts proposed for adoption in the TLS WG. To achieve high cryptographic assurances, this document proposes the drafts specify a clear threat model and informal security goals in the Security Considerations section, as well as motivation and a protocol diagram in the draft. The IETF Secretariat
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ TLS mailing list -- [email protected] To unsubscribe send an email to [email protected]
