| rfc9918v1.txt | rfc9918.txt | |||
|---|---|---|---|---|
| skipping to change at line 66 ¶ | skipping to change at line 66 ¶ | |||
| 7. Normative References | 7. Normative References | |||
| Acknowledgments | Acknowledgments | |||
| Authors' Addresses | Authors' Addresses | |||
| 1. Introduction | 1. Introduction | |||
| [RFC7589] defines how to protect NETCONF messages [RFC6241] with TLS | [RFC7589] defines how to protect NETCONF messages [RFC6241] with TLS | |||
| 1.2 [RFC5246]. This document updates [RFC7589] to update support | 1.2 [RFC5246]. This document updates [RFC7589] to update support | |||
| requirements for TLS 1.2 [RFC5246] and add TLS 1.3 [RFC9846] support | requirements for TLS 1.2 [RFC5246] and add TLS 1.3 [RFC9846] support | |||
| requirements, including restrictions on the use of TLS 1.3's early | requirements, including restrictions on the use of TLS 1.3's early | |||
| data, which is also known as 0-RTT data. It also updates "netconf- | data, which is also known as 0-RTT data. It also updates | |||
| tls", the IANA-registered port number entry, to refer to this | "netconf-tls", the IANA-registered port number entry, to refer to | |||
| document. All other provisions set forth in [RFC7589] are unchanged, | this document. All other provisions set forth in [RFC7589] are | |||
| including connection initiation, message framing, connection closure, | unchanged, including connection initiation, message framing, | |||
| certificate validation, server identity, and client identity. | connection closure, certificate validation, server identity, and | |||
| client identity. | ||||
| | NOTE: Implementations that support TLS 1.3 [RFC9846] should | | NOTE: Implementations that support TLS 1.3 [RFC9846] SHOULD | |||
| | refer to TLS 1.3 in Sections 4 and 5 of [RFC7589]. | | also follow Sections 4 and 5 of [RFC7589]. | |||
| 2. Conventions | 2. Conventions | |||
| The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", | The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", | |||
| "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and | "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and | |||
| "OPTIONAL" in this document are to be interpreted as described in | "OPTIONAL" in this document are to be interpreted as described in | |||
| BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all | BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all | |||
| capitals, as shown here. | capitals, as shown here. | |||
| 3. Early Data | 3. Early Data | |||
| skipping to change at line 100 ¶ | skipping to change at line 101 ¶ | |||
| share a Pre-Shared Key (PSK), either obtained externally or via a | share a Pre-Shared Key (PSK), either obtained externally or via a | |||
| previous handshake. The client uses the PSK to authenticate the | previous handshake. The client uses the PSK to authenticate the | |||
| server and to encrypt the early data. | server and to encrypt the early data. | |||
| As noted in Section 2.3 of [RFC9846], the security properties for | As noted in Section 2.3 of [RFC9846], the security properties for | |||
| early data are weaker than those for subsequent TLS-protected data. | early data are weaker than those for subsequent TLS-protected data. | |||
| In particular, early data is not forward secret, and there is no | In particular, early data is not forward secret, and there is no | |||
| protection against the replay of early data between connections. | protection against the replay of early data between connections. | |||
| Appendix F.5 of [RFC9846] requires applications not use early data | Appendix F.5 of [RFC9846] requires applications not use early data | |||
| without a profile that defines its use. This document specifies that | without a profile that defines its use. This document specifies that | |||
| NETCONF implementations that support TLS 1.3 MUST NOT use early data. | NETCONF implementations that support TLS 1.3 or later MUST NOT use | |||
| early data. | ||||
| 4. Cipher Suites | 4. Cipher Suites | |||
| Implementations MUST support mutually authenticated TLS 1.2 | Implementations MUST support mutually authenticated TLS 1.2 | |||
| [RFC5246], and they are, as specified in [RFC9325], recommended to | [RFC5246], and they are, as specified in [RFC9325], recommended to | |||
| support the cipher suites found in Section 4.2 of [RFC9325]. | support the cipher suites found in Section 4.2 of [RFC9325]. | |||
| Implementations MAY implement additional TLS 1.2 cipher suites that | Implementations MAY implement additional TLS 1.2 cipher suites that | |||
| provide mutual authentication [RFC5246] and confidentiality, as | provide mutual authentication [RFC5246] and confidentiality, as | |||
| required by NETCONF [RFC6241]. | required by NETCONF [RFC6241]. | |||
| End of changes. 3 change blocks. | ||||
| 8 lines changed or deleted | 10 lines changed or added | |||
This html diff was produced by rfcdiff 1.48. | ||||