Protocol Action: 'Deprecating RC4 in Secure Shell (SSH)' to Best Current Practice (draft-ietf-curdle-rc4-die-die-die-16.txt)
The IESG <iesg-secretary@ietf.org> Mon, 23 September 2019 22:18 UTC
Return-Path: <iesg-secretary@ietf.org>
X-Original-To: ietf-announce@ietf.org
Delivered-To: ietf-announce@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 18917120045; Mon, 23 Sep 2019 15:18:31 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
Subject: Protocol Action: 'Deprecating RC4 in Secure Shell (SSH)' to Best Current Practice (draft-ietf-curdle-rc4-die-die-die-16.txt)
X-Test-IDTracker: no
X-IETF-IDTracker: 6.102.0
Auto-Submitted: auto-generated
Precedence: bulk
Cc: The IESG <iesg@ietf.org>, curdle@ietf.org, Daniel Migault <daniel.migault@ericsson.com>, curdle-chairs@ietf.org, daniel.migault@ericsson.com, kaduk@mit.edu, draft-ietf-curdle-rc4-die-die-die@ietf.org, rfc-editor@rfc-editor.org
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Message-ID: <156927711103.17098.7716952984189567235.idtracker@ietfa.amsl.com>
Date: Mon, 23 Sep 2019 15:18:31 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf-announce/hLp-l-WUgxQ09JukLSpQv8-y9i4>
X-BeenThere: ietf-announce@ietf.org
X-Mailman-Version: 2.1.29
List-Id: "IETF announcement list. No discussions." <ietf-announce.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf-announce>, <mailto:ietf-announce-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf-announce/>
List-Post: <mailto:ietf-announce@ietf.org>
List-Help: <mailto:ietf-announce-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf-announce>, <mailto:ietf-announce-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 23 Sep 2019 22:18:32 -0000
The IESG has approved the following document: - 'Deprecating RC4 in Secure Shell (SSH)' (draft-ietf-curdle-rc4-die-die-die-16.txt) as Best Current Practice This document is the product of the CURves, Deprecating and a Little more Encryption Working Group. The IESG contact persons are Benjamin Kaduk and Roman Danyliw. A URL of this Internet Draft is: https://datatracker.ietf.org/doc/draft-ietf-curdle-rc4-die-die-die/ Technical Summary This document deprecates RC4 in Secure Shell (SSH). Therefore, this document updates [RFC4253], and moves to Historic status [RFC4345]. Working Group Summary This is an uncontroversial document to deprecate a weak cryptographic algorithm from the protocol; no opposition was raised. Document Quality This document just recommends to remove support for a feature, so there is little to implement or review. The ciphers in question have been entirely removed from at least one implementation's latest released version. Personnel Daniel Migault is the shepherd of the draft. Benjamin Kaduk is the responsible area director. RFC Editor Note In the IANA Considerations, please update the table to include "HISTORIC" in the "Note" column for all three ciphers. Also, in Section 1, "arcfour-128" and "arcfour-256" appear with hyphens; the hyphen should be removed. Once an RFC number is assigned for this document, status-change-ssh-arcfour-to-historic should be updated to refer to the RFC instead of the I-D.