Transport Layer Security (tls)

• About
• Documents
• Meetings
• History
• Photos
• Email expansions
• List archive »

	Document	Date	Status	IPR	AD/Shepherd
	Active Internet-Drafts (10 hits)
	36 pages draft-ietf-tls-extended-key-update-07 Extended Key Update for Transport Layer Security (TLS) 1.3	2025-11-01	I-D Exists WG Document : Proposed Standard
	7 pages draft-ietf-tls-key-share-prediction-03 TLS Key Share Prediction	2025-08-29	I-D Exists WG Document
	5 pages draft-ietf-tls-mldsa-01 Use of ML-DSA in TLS 1.3	2025-09-26	I-D Exists WG Document
	10 pages draft-ietf-tls-mlkem-05 ML-KEM Post-Quantum Key Agreement for TLS 1.3	2025-11-02	I-D Exists WG Document : Informational
	17 pages draft-ietf-tls-pake-00 A Password Authenticated Key Exchange Extension for TLS 1.3	2025-09-04	I-D Exists WG Document
	70 pages draft-ietf-tls-rfc9147bis-01 The Datagram Transport Layer Security (DTLS) Protocol Version 1.3	2025-10-20	I-D Exists WG Document
	9 pages draft-ietf-tls-super-jumbo-record-limit-02 Large Record Sizes for TLS and DTLS with Reduced Overhead	2025-11-03	I-D Exists Waiting for WG Chair Go-Ahead		Sean Turner
	9 pages draft-ietf-tls-tlsflags-16 A Flags Extension for TLS 1.3	2025-09-14	I-D Exists Waiting for Implementation : Proposed Standard Nov 2020		Sean Turner
	29 pages draft-ietf-tls-trust-anchor-ids-02 TLS Trust Anchor Identifiers	2025-09-15	I-D Exists WG Document
	21 pages draft-ietf-tls-wkech-11 A well-known URI for publishing service parameters	2025-11-03	I-D Exists Waiting for Implementation Reviews: dnsdir Early opsdir Early artart Early
	Active with the IESG Internet-Drafts (12 hits)
	16 pages draft-ietf-tls-8773bis-13 TLS 1.3 Extension for Using Certificates with an External Pre-Shared Key	2025-09-05	RFC Ed Queue : EDIT 109 Submitted to IESG for Publication : Proposed Standard Reviews: secdir IETF Last Call genart IETF Last Call		Paul Wouters Joseph A. Salowey
	23 pages draft-ietf-tls-deprecate-obsolete-kex-07 Deprecating Obsolete Key Exchange Methods in (D)TLS 1.2	2025-11-13	IESG Evaluation 38 Submitted to IESG for Publication : Proposed Standard Reviews: artart secdir IETF Last Call opsdir IETF Last Call artart IETF Last Call genart IETF Last Call Action Holder: Paul Wouters 40		Paul Wouters Joseph A. Salowey
	23 pages draft-ietf-tls-dtls-rrc-20 Return Routability Check for DTLS 1.2 and DTLS 1.3	2025-07-14	RFC Ed Queue : EDIT 133 Submitted to IESG for Publication : Proposed Standard Reviews: artart artart tsvart IETF Last Call secdir IETF Last Call artart IETF Last Call opsdir IETF Last Call		Paul Wouters Sean Turner
	11 pages draft-ietf-tls-ecdhe-mlkem-03 Post-quantum hybrid ECDHE-MLKEM Key Agreement for TLSv1.3	2025-11-21	Publication Requested 29 Submitted to IESG for Publication : Proposed Standard Action Holder: Paul Wouters 29		Paul Wouters Joseph A. Salowey
	53 pages draft-ietf-tls-esni-25 TLS Encrypted Client Hello	2025-06-14	RFC Ed Queue : AUTH48 AUTH48 166 Submitted to IESG for Publication : Proposed Standard Reviews: intdir dnsdir opsdir IETF Last Call genart IETF Last Call tsvart IETF Last Call secdir IETF Last Call artart IETF Last Call dnsdir IETF Last Call Mar 2021		Paul Wouters Joseph A. Salowey
	23 pages draft-ietf-tls-hybrid-design-16 Hybrid key exchange in TLS 1.3	2025-09-07	RFC Ed Queue : EDIT 95 Submitted to IESG for Publication : Informational Reviews: opsdir IETF Last Call secdir IETF Last Call genart IETF Last Call		Paul Wouters Joseph A. Salowey
	15 pages draft-ietf-tls-keylogfile-05 The SSLKEYLOGFILE Format for TLS	2025-06-09	RFC Ed Queue : AUTH48 AUTH48 194 Submitted to IESG for Publication : Informational Reviews: opsdir IETF Last Call genart IETF Last Call		Paul Wouters Sean Turner
	161 pages draft-ietf-tls-rfc8446bis-14 The Transport Layer Security (TLS) Protocol Version 1.3	2025-09-13	RFC Ed Queue : AUTH48 AUTH48 133 Submitted to IESG for Publication : Proposed Standard Reviews: genart IETF Last Call secdir IETF Last Call		Paul Wouters Sean Turner
	17 pages draft-ietf-tls-rfc8447bis-15 IANA Registry Updates for TLS and DTLS	2025-07-21	RFC Ed Queue : AUTH48-DONE 189 Submitted to IESG for Publication : Proposed Standard Reviews: opsdir IETF Last Call genart IETF Last Call artart IETF Last Call secdir IETF Last Call		Paul Wouters Deirdre Connolly
	10 pages draft-ietf-tls-svcb-ech-08 Bootstrapping TLS Encrypted ClientHello with DNS Service Bindings	2025-06-16	RFC Ed Queue : AUTH48 AUTH48 189 Submitted to IESG for Publication : Proposed Standard Reviews: tsvart opsdir IETF Last Call dnsdir IETF Last Call dnsdir IETF Last Call genart IETF Last Call artart IETF Last Call dnsdir Early		Paul Wouters Sean Turner
	6 pages draft-ietf-tls-tls12-frozen-08 TLS 1.2 is in Feature Freeze	2025-04-03	RFC Ed Queue : EDIT 187 Submitted to IESG for Publication : Proposed Standard Reviews: opsdir secdir IETF Last Call genart IETF Last Call tsvart IETF Last Call		Paul Wouters Sean Turner
	7 pages draft-ietf-tls-tls13-pkcs1-07 Legacy RSASSA-PKCS1-v1_5 codepoints for TLS 1.3	2025-12-02	RFC Ed Queue : EDIT Submitted to IESG for Publication : Proposed Standard Review: secdir IETF Last Call		Paul Wouters Sean Turner
	Expired Internet-Drafts (25 hits)
	3 pages draft-ietf-tls-56-bit-ciphersuites-01 56-bit Export Cipher Suites For TLS	2001-07-25	Expired WG Document
	11 pages draft-ietf-tls-ac509prof-00 An Internet AttributeCertificate Profile for Authorization	1998-09-22	Expired WG Document
	11 pages draft-ietf-tls-attr-cert-01 TLS extensions for AttributeCertificate based authorization	1998-09-22	Expired WG Document
	21 pages draft-ietf-tls-cert-abridge-02 Abridged Compression for WebPKI Certificates	2024-09-16	Expired WG Document
	6 pages draft-ietf-tls-cross-sni-resumption-02 Transport Layer Security (TLS) Resumption across Server Names	2021-12-05	Expired Waiting for Implementation		Christopher A. Wood
	26 pages draft-ietf-tls-ctls-10 Compact TLS 1.3	2024-04-17	Expired WG Document		Christopher A. Wood
	10 pages draft-ietf-tls-ctr-01 AES Counter Mode Cipher Suites for TLS and DTLS	2006-06-16	Expired WG Document
	11 pages draft-ietf-tls-curve25519-01 Curve25519 and Curve448 for Transport Layer Security (TLS)	2015-07-06	Expired WG Document		Joseph A. Salowey
	10 pages draft-ietf-tls-delegation-01 TLS Delegation Protocol	2001-07-12	Expired WG Document
	4 pages draft-ietf-tls-emailaddr-00 Update to Transport Layer Security (TLS) Extensions	2003-11-24	Expired WG Document
	30 pages draft-ietf-tls-interoperability-00 Clientside interoperability experiences for the SSL and TLS protocols	2006-10-18	Expired WG Document
	draft-ietf-tls-kerb-01 Kerberos Cipher Suites in Transport Layer Security (TLS)	2001-11-08	Expired WG Document
	3 pages draft-ietf-tls-misty1-01 Addition of MISTY1 to TLS	2001-03-05	Expired WG Document
	15 pages draft-ietf-tls-ntru-00 NTRU Cipher Suites for TLS	2001-07-06	Expired WG Document
	4 pages draft-ietf-tls-openpgp-02 Extensions to TLS for OpenPGP keys	2002-02-19	Expired WG Document
	5 pages draft-ietf-tls-passauth-00 Addition of Shared Key Authentication to Transport Layer Security (TLS)	1996-11-22	Expired WG Document
	50 pages draft-ietf-tls-pathsec-00 TLS Pathsec Protocol	2001-10-01	Expired WG Document
	4 pages draft-ietf-tls-seedhas-00 TLS Extension for SEED and HAS-160	2000-07-14	Expired WG Document
	7 pages draft-ietf-tls-semistatic-dh-01 Semi-Static Diffie-Hellman Key Establishment for TLS 1.3	2020-03-07	Expired WG Document Jul 2021
	6 pages draft-ietf-tls-sharedkeys-02 Use of Shared Keys in the TLS Protocol	2003-10-24	Expired WG Document
	12 pages draft-ietf-tls-snip-02 Secure Negotiation of Incompatible Protocols in TLS	2022-06-30	Expired WG Document
	19 pages draft-ietf-tls-ssh-00 SSH Transport Layer Protocol	1996-06-14	Expired WG Document
	4 pages draft-ietf-tls-ssl-mods-00 Modifications to the SSL protocol for TLS	1996-11-27	Expired WG Document
	63 pages draft-ietf-tls-ssl-version3-00 The SSL Protocol Version 3.0	1996-11-21	Expired WG Document
	13 pages draft-ietf-tls-wireless-00 Wireless Extensions to TLS	2000-11-21	Expired WG Document
	Replaced Internet-Draft (1 hit)
	7 pages draft-davidben-tls13-pkcs1-01 Legacy RSASSA-PKCS1-v1_5 codepoints for TLS 1.3	2023-10-17	Replaced by draft-ietf-tls-tls13-pkcs1 Adopted by a WG
	RFCs (59 hits)
	80 pages RFC 2246 The TLS Protocol Version 1.0 Errata	1999-01	Historic RFC Obsoleted by rfc4346 Updated by rfc3546, rfc5746, rfc6176, rfc7465, rfc7507, rfc7919	2
	7 pages RFC 2712 Addition of Kerberos Cipher Suites to Transport Layer Security (TLS) Errata	1999-10	Proposed Standard RFC
	13 pages RFC 2817 Upgrading to TLS Within HTTP/1.1 Errata	2000-05	Proposed Standard RFC Updated by rfc7230, rfc7231
	7 pages RFC 2818 HTTP Over TLS Errata	2000-05	Informational RFC Obsoleted by rfc9110 Updated by rfc5785, rfc7230
	7 pages RFC 3268 Advanced Encryption Standard (AES) Ciphersuites for Transport Layer Security (TLS)	2002-07	Proposed Standard RFC Obsoleted by rfc5246
	29 pages RFC 3546 Transport Layer Security (TLS) Extensions	2003-06	Proposed Standard RFC Obsoleted by rfc4366		Steven M. Bellovin
	8 pages RFC 3749 Transport Layer Security Protocol Compression Methods	2004-05	Proposed Standard RFC Updated by rfc8447, rfc8996		Steven M. Bellovin
	7 pages RFC 4132 Addition of Camellia Cipher Suites to Transport Layer Security (TLS)	2005-07	Proposed Standard RFC Obsoleted by rfc5932		Russ Housley
	15 pages RFC 4279 Pre-Shared Key Ciphersuites for Transport Layer Security (TLS)	2005-12	Proposed Standard RFC Updated by rfc8996		Russ Housley
	87 pages RFC 4346 The Transport Layer Security (TLS) Protocol Version 1.1 Errata	2006-04	Historic RFC Obsoleted by rfc5246 Updated by rfc4366, rfc4680, rfc4681, rfc5746, rfc6176, rfc7465, rfc7507, rfc7919	5	Russ Housley
	30 pages RFC 4366 Transport Layer Security (TLS) Extensions	2006-04	Proposed Standard RFC Obsoleted by rfc5246, rfc6066 Updated by rfc5746	3	Russ Housley
	35 pages RFC 4492 Elliptic Curve Cryptography (ECC) Cipher Suites for Transport Layer Security (TLS) Errata	2006-05	Informational RFC Obsoleted by rfc8422 Updated by rfc5246, rfc7027, rfc7919	5	Russ Housley
	5 pages RFC 4785 Pre-Shared Key (PSK) Ciphersuites with NULL Encryption for Transport Layer Security (TLS)	2007-01	Proposed Standard RFC Updated by rfc8996		Russ Housley
	24 pages RFC 5054 Using the Secure Remote Password (SRP) Protocol for TLS Authentication Errata	2007-11	Informational RFC Updated by rfc8996		Tim Polk
	8 pages RFC 5081 Using OpenPGP Keys for Transport Layer Security (TLS) Authentication	2007-11	Experimental RFC Obsoleted by rfc6091		Russ Housley
	104 pages RFC 5246 The Transport Layer Security (TLS) Protocol Version 1.2 Errata	2008-08	Proposed Standard RFC Obsoleted by rfc8446 Updated by rfc5746, rfc5878, rfc6176, rfc7465, rfc7507, rfc7568, rfc7627, rfc7685, rfc7905, rfc7919, rfc8447, rfc9155	5	Tim Polk
	8 pages RFC 5288 AES Galois Counter Mode (GCM) Cipher Suites for TLS Errata	2008-08	Proposed Standard RFC Updated by rfc9325		Pasi Eronen
	6 pages RFC 5289 TLS Elliptic Curve Cipher Suites with SHA-256/384 and AES Galois Counter Mode (GCM)	2008-08	Proposed Standard RFC	4	Pasi Eronen
	4 pages RFC 5469 DES and IDEA Cipher Suites for Transport Layer Security (TLS)	2009-02	Historic RFC Obsoleted by rfc8996		Tim Polk
	7 pages RFC 5487 Pre-Shared Key Cipher Suites for TLS with SHA-256/384 and AES Galois Counter Mode	2009-03	Proposed Standard RFC		Pasi Eronen
	7 pages RFC 5489 ECDHE_PSK Cipher Suites for Transport Layer Security (TLS)	2009-03	Informational RFC		Pasi Eronen
	7 pages RFC 5705 Keying Material Exporters for Transport Layer Security (TLS) Errata	2010-03	Proposed Standard RFC Updated by rfc8446, rfc8447		Pasi Eronen
	15 pages RFC 5746 Transport Layer Security (TLS) Renegotiation Indication Extension	2010-02	Proposed Standard RFC		Pasi Eronen
	25 pages RFC 6066 Transport Layer Security (TLS) Extensions: Extension Definitions Errata	2011-01	Proposed Standard RFC Updated by rfc8446, rfc8449, rfc9325	3	Sean Turner
	4 pages RFC 6176 Prohibiting Secure Sockets Layer (SSL) Version 2.0 Errata	2011-03	Proposed Standard RFC Updated by rfc8996		Alexey Melnikov
	32 pages RFC 6347 Datagram Transport Layer Security Version 1.2 Errata	2012-01	Proposed Standard RFC Obsoleted by rfc9147 Updated by rfc7507, rfc7905, rfc8996, rfc9146	3	Sean Turner
	9 pages RFC 6520 Transport Layer Security (TLS) and Datagram Transport Layer Security (DTLS) Heartbeat Extension Errata	2012-02	Proposed Standard RFC Updated by rfc8447	1	Sean Turner
	10 pages RFC 6961 The Transport Layer Security (TLS) Multiple Certificate Status Request Extension Errata	2013-06	Proposed Standard RFC Obsoleted by rfc8446		Sean Turner
	18 pages RFC 7250 Using Raw Public Keys in Transport Layer Security (TLS) and Datagram Transport Layer Security (DTLS) Errata	2014-06	Proposed Standard RFC		Sean Turner
	9 pages RFC 7301 Transport Layer Security (TLS) Application-Layer Protocol Negotiation Extension	2014-07	Proposed Standard RFC Updated by rfc8447		Stephen Farrell
	7 pages RFC 7366 Encrypt-then-MAC for Transport Layer Security (TLS) and Datagram Transport Layer Security (DTLS) Errata	2014-09	Proposed Standard RFC		Stephen Farrell
	6 pages RFC 7465 Prohibiting RC4 Cipher Suites	2015-02	Proposed Standard RFC Updated by rfc8996		Stephen Farrell
	8 pages RFC 7507 TLS Fallback Signaling Cipher Suite Value (SCSV) for Preventing Protocol Downgrade Attacks	2015-04	Proposed Standard RFC Obsoleted by rfc8996		Stephen Farrell
	7 pages RFC 7568 Deprecating Secure Sockets Layer Version 3.0 Errata	2015-06	Proposed Standard RFC Updated by rfc8996		Stephen Farrell
	15 pages RFC 7627 Transport Layer Security (TLS) Session Hash and Extended Master Secret Extension	2015-09	Proposed Standard RFC		Stephen Farrell
	4 pages RFC 7685 A Transport Layer Security (TLS) ClientHello Padding Extension	2015-10	Proposed Standard RFC		Stephen Farrell
	8 pages RFC 7905 ChaCha20-Poly1305 Cipher Suites for Transport Layer Security (TLS) Errata	2016-06	Proposed Standard RFC		Stephen Farrell
	11 pages RFC 7918 Transport Layer Security (TLS) False Start	2016-08	Informational RFC		Stephen Farrell
	29 pages RFC 7919 Negotiated Finite Field Diffie-Hellman Ephemeral Parameters for Transport Layer Security (TLS) Errata	2016-08	Proposed Standard RFC		Stephen Farrell
	19 pages RFC 7924 Transport Layer Security (TLS) Cached Information Extension	2016-07	Proposed Standard RFC		Stephen Farrell
	34 pages RFC 8422 Elliptic Curve Cryptography (ECC) Cipher Suites for Transport Layer Security (TLS) Versions 1.2 and Earlier Errata	2018-08	Proposed Standard RFC Updated by rfc8996	5	Kathleen Moriarty
	7 pages RFC 8442 ECDHE_PSK with AES-GCM and AES-CCM Cipher Suites for TLS 1.2 and DTLS 1.2	2018-09	Proposed Standard RFC		Benjamin Kaduk
	160 pages RFC 8446 The Transport Layer Security (TLS) Protocol Version 1.3 Errata	2018-08	Proposed Standard RFC	6	Kathleen Moriarty
	20 pages RFC 8447 IANA Registry Updates for TLS and DTLS Errata	2018-08	Proposed Standard RFC		Benjamin Kaduk
	68 pages RFC 8448 Example Handshake Traces for TLS 1.3 Errata	2019-01	Informational RFC		Benjamin Kaduk
	8 pages RFC 8449 Record Size Limit Extension for TLS	2018-08	Proposed Standard RFC		Benjamin Kaduk
	12 pages RFC 8701 Applying Generate Random Extensions And Sustain Extensibility (GREASE) to TLS Extensibility	2020-01	Informational RFC		Benjamin Kaduk
	13 pages RFC 8744 Issues and Requirements for Server Name Identification (SNI) Encryption in TLS	2020-07	Informational RFC		Benjamin Kaduk
	11 pages RFC 8773 TLS 1.3 Extension for Certificate-Based Authentication with an External Pre-Shared Key Errata	2020-03	Experimental RFC		Benjamin Kaduk
	8 pages RFC 8879 TLS Certificate Compression	2020-12	Proposed Standard RFC		Benjamin Kaduk
	18 pages RFC 8996 Deprecating TLS 1.0 and TLS 1.1 Errata	2021-03	Best Current Practice RFC Part of BCP 195		Benjamin Kaduk
	14 pages RFC 9146 Connection Identifier for DTLS 1.2	2022-03	Proposed Standard RFC		Benjamin Kaduk
	61 pages RFC 9147 The Datagram Transport Layer Security (DTLS) Protocol Version 1.3 Errata	2022-04	Proposed Standard RFC	3	Benjamin Kaduk
	8 pages RFC 9149 TLS Ticket Requests	2022-04	Proposed Standard RFC		Benjamin Kaduk
	5 pages RFC 9155 Deprecating MD5 and SHA-1 Signature Hashes in TLS 1.2 and DTLS 1.2	2021-12	Proposed Standard RFC		Roman Danyliw
	13 pages RFC 9257 Guidance for External Pre-Shared Key (PSK) Usage in TLS Errata	2022-07	Informational RFC		Benjamin Kaduk
	11 pages RFC 9258 Importing External Pre-Shared Keys (PSKs) for TLS 1.3	2022-07	Proposed Standard RFC		Roman Danyliw
	14 pages RFC 9261 Exported Authenticators in TLS	2022-07	Proposed Standard RFC		Paul Wouters
	17 pages RFC 9345 Delegated Credentials for TLS and DTLS	2023-07	Proposed Standard RFC		Paul Wouters
	Related Internet-Drafts and RFCs (21 hits)
	81 pages draft-davidben-tls-merkle-tree-certs-09 Merkle Tree Certificates	2025-12-01	I-D Exists
	10 pages draft-denis-tls-aegis-05 AEGIS-based Cipher Suites for TLS 1.3, DTLS 1.3 and QUIC	2025-11-12	I-D Exists
	6 pages draft-farrell-tls-pqg-04 Post-Quantum Guidance for current deployments of IETF protocols.	2025-12-01	I-D Exists
	11 pages draft-guo-tls-exported-pake-00 PAKE Extension for TLS Exported Authenticator	2025-10-19	I-D Exists
	21 pages draft-gutmann-tls-lts-16 TLS 1.2 Update for Long-term Support (LTS)	2025-08-17	I-D Exists Response to Review Needed : Informational
	44 pages draft-mcmillion-tls-transparency-revocation-00 Reliable Transparency and Revocation Mechanisms	2025-06-29 Expires soon	I-D Exists
	11 pages draft-reddy-tls-composite-mldsa-05 Use of Composite ML-DSA in TLS 1.3	2025-07-04 Expires soon	I-D Exists
	11 pages draft-reddy-tls-slhdsa-02 Use of SLH-DSA in TLS 1.3	2025-11-17	I-D Exists In ISE Review
	14 pages draft-rosomakho-tls-cert-update-01 Certificate Update in TLS 1.3	2025-12-21 New	I-D Exists
	7 pages draft-rosomakho-tls-wimse-cert-hint-00 Workload Identifier Scope Hint for TLS ClientHello	2025-07-07	I-D Exists
	9 pages draft-sheffer-tls-pqc-continuity-00 PQC Continuity: Downgrade Protection for TLS Servers Migrating to PQC	2025-10-18	I-D Exists
	7 pages draft-stein-tls-ech-considered-harmful-00 ECH Considered Harmful	2025-07-01 Expires soon	I-D Exists
	23 pages draft-sullivan-tls-signed-ech-updates-00 Authenticated ECH Config Distribution and Rotation	2025-10-20	I-D Exists
	6 pages draft-usama-tls-fatt-extension-00 Extensions to TLS FATT Process	2025-07-07	I-D Exists
	17 pages draft-wagner-tls-keysharepqc-07 New Key Share Extension for Classic McEliece Algorithms	2025-12-19 New	I-D Exists Informational
	14 pages draft-wang-tls-service-affinity-00 Service Affinity Solution based on Transport Layer Security (TLS)	2025-10-17	I-D Exists
	20 pages draft-wiggers-tls-authkem-psk-04 KEM-based pre-shared-key handshakes for TLS 1.3	2025-11-04	I-D Exists
	8 pages draft-yang-tls-hybrid-sm2-mlkem-03 Hybrid Post-quantum Key Exchange SM2-MLKEM for TLSv1.3	2025-11-14	I-D Exists
	27 pages draft-yusef-tls-pqt-dual-certs-01 Post-Quantum Traditional (PQ/T) Hybrid Authentication with Dual Certificates in TLS 1.3	2025-12-17 New	I-D Exists
	22 pages draft-zhou-tls-tls14-04 The Transport Layer Security (TLS) Protocol Version 1.4	2025-10-02	I-D Exists
	5 pages draft-farrell-tls-pemesni-11 PEM file format for ECH	2025-12-04	In Last Call (ends 2026-01-01) IETF stream : Proposed Standard Reviews: dnsdir IETF Last Call genart IETF Last Call secdir IETF Last Call Action Holder: Paul Wouters		Paul Wouters Sean Turner