Protocol Action: 'Deprecating RC4 in Secure Shell (SSH)' to Best Current Practice (draft-ietf-curdle-rc4-die-die-die-16.txt)

The IESG <iesg-secretary@ietf.org> Mon, 23 September 2019 22:18 UTC

Return-Path: <iesg-secretary@ietf.org>
X-Original-To: ietf-announce@ietf.org
Delivered-To: ietf-announce@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 18917120045; Mon, 23 Sep 2019 15:18:31 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: The IESG <iesg-secretary@ietf.org>
To: "IETF-Announce" <ietf-announce@ietf.org>
Subject: Protocol Action: 'Deprecating RC4 in Secure Shell (SSH)' to Best Current Practice (draft-ietf-curdle-rc4-die-die-die-16.txt)
X-Test-IDTracker: no
X-IETF-IDTracker: 6.102.0
Auto-Submitted: auto-generated
Precedence: bulk
Cc: The IESG <iesg@ietf.org>, curdle@ietf.org, Daniel Migault <daniel.migault@ericsson.com>, curdle-chairs@ietf.org, daniel.migault@ericsson.com, kaduk@mit.edu, draft-ietf-curdle-rc4-die-die-die@ietf.org, rfc-editor@rfc-editor.org
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Message-ID: <156927711103.17098.7716952984189567235.idtracker@ietfa.amsl.com>
Date: Mon, 23 Sep 2019 15:18:31 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf-announce/hLp-l-WUgxQ09JukLSpQv8-y9i4>
X-BeenThere: ietf-announce@ietf.org
X-Mailman-Version: 2.1.29
List-Id: "IETF announcement list. No discussions." <ietf-announce.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf-announce>, <mailto:ietf-announce-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf-announce/>
List-Post: <mailto:ietf-announce@ietf.org>
List-Help: <mailto:ietf-announce-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf-announce>, <mailto:ietf-announce-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 23 Sep 2019 22:18:32 -0000

The IESG has approved the following document:
- 'Deprecating RC4 in Secure Shell (SSH)'
  (draft-ietf-curdle-rc4-die-die-die-16.txt) as Best Current Practice

This document is the product of the CURves, Deprecating and a Little more
Encryption Working Group.

The IESG contact persons are Benjamin Kaduk and Roman Danyliw.

A URL of this Internet Draft is:
https://datatracker.ietf.org/doc/draft-ietf-curdle-rc4-die-die-die/




Technical Summary

 This document deprecates RC4 in Secure Shell (SSH).  Therefore, this
 document updates [RFC4253], and moves to Historic status [RFC4345].

Working Group Summary

This is an uncontroversial document to deprecate a weak cryptographic
algorithm from the protocol; no opposition was raised.

Document Quality

This document just recommends to remove support for a feature,
so there is little to implement or review.  The ciphers in question
have been entirely removed from at least one implementation's latest
released version.

Personnel

Daniel Migault is the shepherd of the draft. Benjamin Kaduk is
the responsible area director.


RFC Editor Note

  In the IANA Considerations, please update the table to include "HISTORIC" in the
  "Note" column for all three ciphers.

  Also, in Section 1, "arcfour-128" and "arcfour-256" appear with hyphens; the hyphen
  should be removed.

  Once an RFC number is assigned for this document, status-change-ssh-arcfour-to-historic
  should be updated to refer to the RFC instead of the  I-D.