{"draft":"draft-ietf-tls-external-psk-guidance-06","doc_id":"RFC9257","title":"Guidance for External Pre-Shared Key (PSK) Usage in TLS","authors":["R. Housley","J. Hoyland","M. Sethi","C. A. Wood"],"format":["HTML","TEXT","PDF","XML"],"page_count":"13","pub_status":"INFORMATIONAL","status":"INFORMATIONAL","source":"Transport Layer Security","abstract":"This document provides usage guidance for external Pre-Shared Keys\r\n(PSKs) in Transport Layer Security (TLS) 1.3 as defined in RFC 8446.\r\nIt lists TLS security properties provided by PSKs under certain\r\nassumptions, then it demonstrates how violations of these assumptions\r\nlead to attacks. Advice for applications to help meet these\r\nassumptions is provided. This document also discusses PSK use cases\r\nand provisioning processes. Finally, it lists the privacy and\r\nsecurity properties that are not provided by TLS 1.3 when external\r\nPSKs are used.","pub_date":"July 2022","keywords":[],"obsoletes":[],"obsoleted_by":[],"updates":[],"updated_by":[],"see_also":[],"doi":"10.17487\/RFC9257","errata_url":"https:\/\/www.rfc-editor.org\/errata\/rfc9257"}