Skip to main content

12. References

12.1 Normative References

This section lists the normative documents referenced in the TLS 1.3 specification. These documents are essential for implementing the TLS 1.3 protocol.

Key references include:

  • [DH76] - Original paper on Diffie-Hellman key exchange
  • [ECDSA] - Elliptic Curve Digital Signature Algorithm standard
  • [GCM] - Galois/Counter Mode encryption mode
  • [RFC2104] - HMAC: Keyed-Hashing for Message Authentication
  • [RFC2119] - Key words for use in RFCs to Indicate Requirement Levels
  • [RFC5116] - An Interface and Algorithms for Authenticated Encryption
  • [RFC5280] - Internet X.509 Public Key Infrastructure Certificate
  • [RFC5705] - Keying Material Exporters for TLS
  • [RFC5869] - HMAC-based Extract-and-Expand Key Derivation Function (HKDF)
  • [RFC6066] - Transport Layer Security (TLS) Extensions
  • [RFC6960] - Online Certificate Status Protocol (OCSP)
  • [RFC7748] - Elliptic Curves for Security (X25519 and X448)
  • [RFC8032] - Edwards-Curve Digital Signature Algorithm (EdDSA)
  • [RFC8126] - Guidelines for Writing an IANA Considerations Section
  • [RFC8174] - Ambiguity of Uppercase vs Lowercase in RFC 2119 Key Words
  • [RFC8439] - ChaCha20 and Poly1305 for IETF Protocols
  • [RFC8422] - Elliptic Curve Cryptography (ECC) Cipher Suites for TLS
  • [SHS] - Secure Hash Standard

For the complete list of normative references, please refer to Section 12.1 of RFC 8446.

12.2 Informative References

Informative references provide additional background information, security analyses, and related research. Key references include:

  • [AEAD-LIMITS] - Security limits analysis for AEAD algorithms
  • [ALPN] - Application-Layer Protocol Negotiation
  • [BBFGKZ16] - Security analysis of 0-RTT key exchange
  • [BDFKPPRSZZ16] - Cryptographic analysis of TLS 1.3 draft versions
  • [CHECKOWAY] - Analysis of TLS/SSL downgrade attacks
  • [CROSS-PROTOCOL] - Cross-protocol attack research
  • [DEPRECATE-MD5-SHA1] - Recommendations for deprecating MD5 and SHA-1
  • [DOW92] - Early research on downgrade attacks
  • [DTLS13] - Datagram Transport Layer Security Version 1.3
  • [EARLY-IMPACT] - Impact analysis of early data
  • [FGMP15] - Formal analysis of the TLS handshake
  • [FIPS186] - Digital Signature Standard
  • [FW15] - Security proof for TLS 1.2
  • [GLIGNO] - Security issues in TLS implementations
  • [HTTP2-TLS13] - Using HTTP/2 with TLS 1.3
  • [IEEE1363] - IEEE Standard for Public-Key Cryptography
  • [JAGER] - Security analysis of the TLS handshake protocol
  • [JSS15] - Security analysis of TLS 0-RTT
  • [RACCOON] - Raccoon timing attack
  • [RFC4086] - Randomness Requirements for Security
  • [RFC4346] - The Transport Layer Security (TLS) Protocol Version 1.1
  • [RFC4366] - Transport Layer Security (TLS) Extensions
  • [RFC4492] - Elliptic Curve Cryptography (ECC) Cipher Suites for TLS
  • [RFC5077] - Transport Layer Security (TLS) Session Resumption (obsoleted)
  • [RFC5246] - The Transport Layer Security (TLS) Protocol Version 1.2 (obsoleted)
  • [RFC6091] - Using OpenPGP Keys for TLS (not supported in TLS 1.3)
  • [RFC6176] - Prohibiting Secure Sockets Layer (SSL) Version 2.0
  • [RFC6347] - Datagram Transport Layer Security Version 1.2
  • [RFC7250] - Using Raw Public Keys in TLS
  • [RFC7301] - Application-Layer Protocol Negotiation Extension
  • [RFC7465] - Prohibiting RC4 Cipher Suites
  • [RFC7507] - TLS Fallback Signaling Cipher Suite Value (SCSV)
  • [RFC7568] - Deprecating Secure Sockets Layer Version 3.0
  • [RFC7627] - Transport Layer Security (TLS) Session Hash and Extended Master Secret Extension
  • [RFC7685] - A Transport Layer Security (TLS) ClientHello Padding Extension
  • [RFC7919] - Negotiated Finite Field Diffie-Hellman Ephemeral Parameters for TLS
  • [RFC8305] - Happy Eyeballs Version 2
  • [RFC8447] - IANA Registry Updates for TLS and DTLS
  • [RFC8449] - Record Size Limit Extension for TLS
  • [RSA] - Original paper on RSA encryption
  • [SLOTH] - Security analysis of signature algorithms
  • [TIMING] - Timing attacks in TLS

For the complete list of informative references (approximately 60 entries including full URLs, DOIs, and publication information), please consult the official RFC 8446 document.

Note: Due to the large number of references (approximately 30 normative and 60 informative references), this section provides an overview of the main entries. For the complete detailed reference list, please refer to the official RFC 8446 document.

Last updated on