[TLS] Last Call: <draft-ietf-tls-sslv3-diediedie-02.txt> (Deprecating Secure Sockets Layer Version 3.0) to Best Current Practice

The IESG <iesg-secretary@ietf.org> Mon, 16 March 2015 23:49 UTC

Return-Path: <iesg-secretary@ietf.org>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EA8601ACD50; Mon, 16 Mar 2015 16:49:10 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -101.9
X-Spam-Level:
X-Spam-Status: No, score=-101.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, USER_IN_WHITELIST=-100] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Rze5_s1ouUSX; Mon, 16 Mar 2015 16:49:05 -0700 (PDT)
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 8E7D41ACD55; Mon, 16 Mar 2015 16:48:59 -0700 (PDT)
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: The IESG <iesg-secretary@ietf.org>
To: "IETF-Announce" <ietf-announce@ietf.org>
X-Test-IDTracker: no
X-IETF-IDTracker: 5.12.2
Auto-Submitted: auto-generated
Precedence: bulk
Sender: <iesg-secretary@ietf.org>
Message-ID: <20150316234859.1208.62933.idtracker@ietfa.amsl.com>
Date: Mon, 16 Mar 2015 16:48:59 -0700
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/8jWUzqaiIixFFk9lSBpcp2U5uT4>
Cc: tls@ietf.org
Subject: [TLS] Last Call: <draft-ietf-tls-sslv3-diediedie-02.txt> (Deprecating Secure Sockets Layer Version 3.0) to Best Current Practice
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Reply-To: ietf@ietf.org
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 16 Mar 2015 23:49:11 -0000

The IESG has received a request from the Transport Layer Security WG
(tls) to consider the following document:
- 'Deprecating Secure Sockets Layer Version 3.0'
  <draft-ietf-tls-sslv3-diediedie-02.txt> as Best Current Practice

The IESG plans to make a decision in the next few weeks, and solicits
final comments on this action. Please send substantive comments to the
ietf@ietf.org mailing lists by 2015-03-30. Exceptionally, comments may be
sent to iesg@ietf.org instead. In either case, please retain the
beginning of the Subject line to allow automated sorting.

Abstract


   Secure Sockets Layer version 3.0 (SSLv3) is no longer secure.  This
   document requires that SSLv3 not be used.  The replacement versions,
   in particular Transport Layer Security (TLS) 1.2, are considerably
   more secure and capable protocols.

   This document updates the backward compatibility sections of the TLS
   RFCs to prohibit fallback to SSLv3.




The file can be obtained via
http://datatracker.ietf.org/doc/draft-ietf-tls-sslv3-diediedie/

IESG discussion can be tracked via
http://datatracker.ietf.org/doc/draft-ietf-tls-sslv3-diediedie/ballot/


No IPR declarations have been submitted directly on this I-D.

- ID nits says we should say in the abstract that we're
updating 5246 and that prohibiting-rc4 is now RFC 7465.
It also wants us to add the usual 2119 boilerplate. Those
will be taken care of after IETF LC.