RFC 8492

Secure Password Ciphersuites for Transport Layer Security (TLS), February 2019

File formats:
icon for text file icon for PDF icon for HTML
Status:
INFORMATIONAL
Author:
D. Harkins, Ed.
Stream:
INDEPENDENT

Cite this RFC: TXT  |  XML

DOI:  10.17487/RFC8492

Discuss this RFC: Send questions or comments to rfc-ise@rfc-editor.org

Other actions: View Errata  |  Submit Errata  |  Find IPR Disclosures from the IETF


Abstract

This memo defines several new ciphersuites for the Transport Layer Security (TLS) protocol to support certificateless, secure authentication using only a simple, low-entropy password. The exchange is called "TLS-PWD". The ciphersuites are all based on an authentication and key exchange protocol, named "dragonfly", that is resistant to offline dictionary attacks.


For the definition of Status, see RFC 2026.

For the definition of Stream, see RFC 4844.


Download PDF Reader