This is the working area for the IETF TLS Working Group Internet-Draft, "Extended Key Update for Transport Layer Security (TLS) 1.3".
See the guidelines for contributions.
Contributions can be made by creating pull requests. The GitHub interface supports creating pull requests using the Edit (✏) button.
Formatted text and HTML versions of the draft can be built using make.
$ makeCommand line usage requires that you have the necessary software installed. See the instructions.
The model/ directory contains three PROMELA/SPIN models:
model/tls13_extended_key_update.pml- TLS 1.3 EKU state machine (lower state-space, no DTLS ACK/retention path).
- Primary checks:
no_unexpected,key_sync.
model/extended_key_update.pml- DTLS EKU model with one initiator and one responder (no crossed requests).
- Primary checks:
no_unexpected,epoch_consistency.
model/extended_key_update_crossed.pml- DTLS EKU with crossed requests, loss/reordering, retry bounds, and liveness stress.
- Primary checks:
no_unexpected,epoch_consistency,no_deadlock.
Detailed model/spec mapping and scope notes are documented in:
model/SPEC-MAPPING.md
To run verification in a separate /tmp working directory (to avoid generating
pan.* and other SPIN artifacts in the repo), use:
./scripts/spin-check.sh allFor larger state spaces (especially crossed requests), pass additional
--define values and pan options:
./scripts/spin-check.sh crossed --define DROPS=0 --pan-args "-m200000 -w18"