Search RFCs
RFC 7919
Negotiated Finite Field Diffie-Hellman Ephemeral Parameters for Transport Layer Security (TLS),August 2016
- File formats:
- Status:
- PROPOSED STANDARD
- Updates:
- RFC 2246,RFC 4346,RFC 4492,RFC 5246
- Author:
- D. Gillmor
- Stream:
- IETF
- Source:
- tls (sec)
Cite this RFC:TXT | XML | BibTeX
DOI: https://doi.org/10.17487/RFC7919
Discuss this RFC: Send questions or comments to the mailing listtls@ietf.org
Other actions:View Errata | Submit Errata | Find IPR Disclosures from the IETF | View History of RFC 7919
Abstract
Traditional finite-field-based Diffie-Hellman (DH) key exchangeduring the Transport Layer Security (TLS) handshake suffers from anumber of security, interoperability, and efficiency shortcomings.These shortcomings arise from lack of clarity about which DH groupparameters TLS servers should offer and clients should accept. Thisdocument offers a solution to these shortcomings for compatible peersby using a section of the TLS "Supported Groups Registry" (renamedfrom "EC Named Curve Registry" by this document) to establish commonfinite field DH parameters with known structure and a mechanism forpeers to negotiate support for these groups.
This document updates TLS versions 1.0 (RFC 2246), 1.1 (RFC 4346),and 1.2 (RFC 5246), as well as the TLS Elliptic Curve Cryptography(ECC) extensions (RFC 4492).
For the definition ofStatus,seeRFC 2026.
For the definition ofStream, seeRFC 8729.