Re: Last Call: <draft-ietf-tls-downgrade-scsv-03.txt> (TLS Fallback Signaling Cipher Suite Value (SCSV) for Preventing Protocol Downgrade Attacks) to Proposed Standard

[Stephen Farrell <stephen.farrell@cs.tcd.ie>]

Folks,

I've looked back at the IETF LC for this and chatted with the
TLS chairs and my conclusion is that we did end up with rough
consensus for this so I've put it on the Feb 19 IESG telechat.

I think Sean's shepherd writeup [1] did a fine job of capturing
the LC outcome there so I won't try better that.

Thanks,
S.

[1]
https://datatracker.ietf.org/doc/draft-ietf-tls-downgrade-scsv/shepherdwriteup/

On 09/01/15 18:05, The IESG wrote:
> 
> The IESG has received a request from the Transport Layer Security WG
> (tls) to consider the following document:
> - 'TLS Fallback Signaling Cipher Suite Value (SCSV) for Preventing
>    Protocol Downgrade Attacks'
>   <draft-ietf-tls-downgrade-scsv-03.txt> as Proposed Standard
> 
> The IESG plans to make a decision in the next few weeks, and solicits
> final comments on this action. Please send substantive comments to the
> ietf@ietf.org mailing lists by 2015-01-23. Exceptionally, comments may be
> sent to iesg@ietf.org instead. In either case, please retain the
> beginning of the Subject line to allow automated sorting.
> 
> Abstract
> 
> 
>    This document defines a Signaling Cipher Suite Value (SCSV) that
>    prevents protocol downgrade attacks on the Transport Layer Security
>    (TLS) protocol.  It updates RFC 2246, RFC 4346, and RFC 5246.
> 
> 
> 
> 
> The file can be obtained via
> http://datatracker.ietf.org/doc/draft-ietf-tls-downgrade-scsv/
> 
> IESG discussion can be tracked via
> http://datatracker.ietf.org/doc/draft-ietf-tls-downgrade-scsv/ballot/
> 
> 
> No IPR declarations have been submitted directly on this I-D.
> 
> 
> 
>