Protocol Action: Improved Arcfour Modes for the Secure Shell (SSH) Transport Layer Protocol to Historic

The IESG <iesg-secretary@ietf.org> Mon, 23 September 2019 22:19 UTC

MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
Subject: Protocol Action: Improved Arcfour Modes for the Secure Shell (SSH) Transport Layer Protocol to Historic
Auto-Submitted: auto-generated
Precedence: bulk
Cc: The IESG <iesg@ietf.org>, draft-harris-ssh-arcfour-fixes@ietf.org, iana@iana.org, rfc-editor@rfc-editor.org
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Message-ID: <156927717661.17148.18105422703538524969.idtracker@ietfa.amsl.com>
Date: Mon, 23 Sep 2019 15:19:36 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf-announce/dONs9LoFjgZ1TWhWldMD5VcKRQ4>

The IESG has approved changing the status of the following document:
- Improved Arcfour Modes for the Secure Shell (SSH) Transport Layer Protocol
  (rfc4345) to Historic

This protocol action is documented at:
https://datatracker.ietf.org/doc/status-change-ssh-arcfour-to-historic/

A URL of the affected document is:
https://datatracker.ietf.org/doc/rfc4345/

Status Change Details:

RFC 4345 specifies two modes of operation for using the arcfour stream
cipher in the secure shell (SSH) protocol.  Even at the time of publication,
there were known weaknesses in the arcfour keystream; the extent and
exploitability of such weaknesses has increased with time, to the extent
that the arcfour ciphers should not be used anymore, as discussed in
draft-ietf-curdle-rc4-die-die-die.  Accordingly, RFC 4345 is moved to
historic.

Personnel

   Benjamin Kaduk is the responsible Area Director.

Protocol Action: Improved Arcfour Modes for the S… The IESG