Request for Comments: RFC 7562 on Transport Layer Security (TLS) Authorization Using Digital Transmission Content Protection (DTCP) Certificates
Question asked by Bruce Barnes - 7/9/2015 at 6:42 PM

Significant controversy, along with some healthy disagreement, on how TLS should work with MX servers, and SmarterMail in particular, was presented by several members of these forums in the article located at:


The IETF (International Engineering Task Force - keeper of all things standards for Internet Protocols), is about to begin the process of finalizing the standard for TLS 1.3.

Anyone with such a desire can both become a member of, and participate in, the IETF.  The IETF makes the process of finalizing and commenting on protocols one of the most democratic processes anyone will ever participate in and, even if you don't completely understand the dialogue and exchanges, it is a fascinating process to watch.

A good place for newcomers to learn about the IETF is: http://ietf.org/newcomers.html

Part of the process of finalizing the introduction of, or modification of, any protocol, is to create a new "REQUEST FOR COMMENTS" regarding the TRANSPORT LAYER SECURITY (TLS) protocol.  This new protocol is listed under RFC 7562

Here is the formal announcement from the IETF, inviting comments on RFC 7562


From: IETF-Announce [mailto:ietf-announce-bounces@ietf.org] On Behalf Of rfc-editor@rfc-editor.org
Sent: Thursday, July 09, 2015 17:36
To: ietf-announce@ietf.org; rfc-dist@rfc-editor.org
Cc: drafts-update-ref@iana.org; rfc-editor@rfc-editor.org
Subject: RFC 7562 on Transport Layer Security (TLS) Authorization Using Digital Transmission Content Protection (DTCP) Certificates

A new Request for Comments is now available in online RFC libraries.

        RFC 7562

        Title:      Transport Layer Security (TLS) Authorization
                    Using Digital Transmission Content Protection (DTCP)
        Author:     D. Thakore
        Status:     Informational
        Stream:     Independent
        Date:       July 2015

        Pages:      15
        Characters: 32576
        Updates/Obsoletes/SeeAlso:   None

        I-D Tag:    draft-dthakore-tls-authz-08.txt

        URL:        https://www.rfc-editor.org/info/rfc7562

        DOI:        http://dx.doi.org/10.17487/RFC7562

This document specifies the use of Digital Transmission Content Protection (DTCP) certificates as an authorization data type in the authorization extension for the Transport Layer Security (TLS) protocol.  This is in accordance with the guidelines for authorization extensions as specified in RFC 5878.  As with other TLS extensions, this authorization data can be included in the client and server hello messages to confirm that both parties support the desired authorization data types.  If supported by both the client and the server, DTCP certificates are exchanged in the supplemental data TLS handshake message as specified in RFC 4680.  This authorization data type extension is in support of devices containing DTCP certificates issued by the Digital Transmission Licensing Administrator (DTLA).

INFORMATIONAL: This memo provides information for the Internet community.
It does not specify an Internet standard of any kind. Distribution of this memo is unlimited.

This announcement is sent to the IETF-Announce and rfc-dist lists.

To subscribe or unsubscribe, see

For searching the RFC series, see https://www.rfc-editor.org/search For downloading RFCs, see https://www.rfc-editor.org/rfc.html

Requests for special distribution should be addressed to either the author of the RFC in question, or to rfc-editor@rfc-editor.orgUnless specifically noted otherwise on the RFC itself, all RFCs are for unlimited distribution.

The RFC Editor Team
Association Management Solutions, LLC


Bruce Barnes
ChicagoNetTech Inc

Phonr: (773) 491-9019
Phone: (224) 444-0169

E-Mail and DNS Security Specialist
Network Security Specialist

Customer Service Portal: https://portal.chicagonettech.com
Website: https://www.ChicagoNetTech.com
Security Blog: http://networkbastion.blogspot.com/

Web and E-Mail Hosting, E-Mail Security and Consulting

Reply to Thread