[TLS] Last Call: <draft-ietf-tls-sslv3-diediedie-02.txt> (Deprecating Secure Sockets Layer Version 3.0) to Best Current Practice
The IESG <iesg-secretary@ietf.org> Mon, 16 March 2015 23:49 UTC
Return-Path: <iesg-secretary@ietf.org>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EA8601ACD50; Mon, 16 Mar 2015 16:49:10 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -101.9
X-Spam-Level:
X-Spam-Status: No, score=-101.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, USER_IN_WHITELIST=-100] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Rze5_s1ouUSX; Mon, 16 Mar 2015 16:49:05 -0700 (PDT)
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 8E7D41ACD55; Mon, 16 Mar 2015 16:48:59 -0700 (PDT)
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
X-Test-IDTracker: no
X-IETF-IDTracker: 5.12.2
Auto-Submitted: auto-generated
Precedence: bulk
Sender: iesg-secretary@ietf.org
Message-ID: <20150316234859.1208.62933.idtracker@ietfa.amsl.com>
Date: Mon, 16 Mar 2015 16:48:59 -0700
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/8jWUzqaiIixFFk9lSBpcp2U5uT4>
Cc: tls@ietf.org
Subject: [TLS] Last Call: <draft-ietf-tls-sslv3-diediedie-02.txt> (Deprecating Secure Sockets Layer Version 3.0) to Best Current Practice
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Reply-To: ietf@ietf.org
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 16 Mar 2015 23:49:11 -0000
The IESG has received a request from the Transport Layer Security WG (tls) to consider the following document: - 'Deprecating Secure Sockets Layer Version 3.0' <draft-ietf-tls-sslv3-diediedie-02.txt> as Best Current Practice The IESG plans to make a decision in the next few weeks, and solicits final comments on this action. Please send substantive comments to the ietf@ietf.org mailing lists by 2015-03-30. Exceptionally, comments may be sent to iesg@ietf.org instead. In either case, please retain the beginning of the Subject line to allow automated sorting. Abstract Secure Sockets Layer version 3.0 (SSLv3) is no longer secure. This document requires that SSLv3 not be used. The replacement versions, in particular Transport Layer Security (TLS) 1.2, are considerably more secure and capable protocols. This document updates the backward compatibility sections of the TLS RFCs to prohibit fallback to SSLv3. The file can be obtained via http://datatracker.ietf.org/doc/draft-ietf-tls-sslv3-diediedie/ IESG discussion can be tracked via http://datatracker.ietf.org/doc/draft-ietf-tls-sslv3-diediedie/ballot/ No IPR declarations have been submitted directly on this I-D. - ID nits says we should say in the abstract that we're updating 5246 and that prohibiting-rc4 is now RFC 7465. It also wants us to add the usual 2119 boilerplate. Those will be taken care of after IETF LC.