ECDHE_PSK with AES-GCM and AES-CCM Cipher Suites for TLS 1.2 and DTLS 1.2
RFC 8442, “ECDHE_PSK with AES-GCM and AES-CCM Cipher Suites for TLS 1.2 and DTLS 1.2”, is a Proposed Standard document published in September 2018 by J. Mattsson and D. Migault. The canonical text is published by the RFC Editor.
Abstract
This document defines several new cipher suites for version 1.2 of the Transport Layer Security (TLS) protocol and version 1.2 of the Datagram Transport Layer Security (DTLS) protocol. These cipher suites are based on the Ephemeral Elliptic Curve Diffie-Hellman with Pre-Shared Key (ECDHE_PSK) key exchange together with the Authenticated Encryption with Associated Data (AEAD) algorithms AES-GCM and AES-CCM. PSK provides light and efficient authentication, ECDHE provides forward secrecy, and AES-GCM and AES-CCM provide encryption and integrity protection.
What “Proposed Standard” means
An entry-level standards-track specification: stable, peer-reviewed and a solid basis for implementation, though it may still evolve before becoming an Internet Standard.
The canonical text of RFC 8442 is hosted at rfc-editor.org. Available in TXT and HTML.