[TLS] Protocol Action: 'TLS 1.3 Extension for Using Certificates with an External Pre-Shared Key' to Proposed Standard (draft-ietf-tls-8773bis-12.txt)

The IESG <iesg-secretary@ietf.org> Thu, 04 September 2025 16:24 UTC


The IESG has approved the following document:
- 'TLS 1.3 Extension for Using Certificates with an External Pre-Shared
   Key'
  (draft-ietf-tls-8773bis-12.txt) as Proposed Standard

This document is the product of the Transport Layer Security Working Group.

The IESG contact persons are Paul Wouters and Deb Cooley.

A URL of this Internet-Draft is:
https://datatracker.ietf.org/doc/draft-ietf-tls-8773bis/




Technical Summary

   This document specifies a TLS 1.3 extension that allows TLS clients
   and servers to authenticate with certificates and provide
   confidentiality based on encryption with a symmetric key from the
   usual key agreement algorithm and an external pre-shared key (PSK).
   This Standards Track RFC (once approved) obsoletes RFC 8773, which
   was an Experimental RFC.

Working Group Summary

   Initially there was concern that the document may impact the security
   properties of TLS.  The working group chairs used the FATT (Formal analysis
   triage team) to analyze the document, which raised some concerns with security
   claims around post-quantum and authentication properties. The draft was revised
   to modify the security claims according to the consensus of the group.

Document Quality

   Some of the mechanisms in this document are used in a standards track document
   in the EMU working group, draft-ietf-emu-bootstrapped-tls-08.  There are
   implementations of this protocol. The document has been reviewed by participants
   from that WG.

   The document has had review from the TLS FATT.  The summary of this review is here:
   https://github.com/tlswg/rfc8773bis/blob/main/fatt-review/IETF%20FATT%20Report%20-%208773bis.pdf



Personnel

   The Document Shepherd for this document is Joseph A. Salowey. The
   Responsible Area Director is Paul Wouters.