[TLS] Last Call: <draft-ietf-tls-md5-sha1-deprecate-04.txt> (Deprecating MD5 and SHA-1 signature hashes in TLS 1.2) to Proposed Standard

The IESG <iesg-secretary@ietf.org> Wed, 14 October 2020 18:40 UTC

Return-Path: <iesg-secretary@ietf.org>
X-Original-To: tls@ietf.org
Delivered-To: tls@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 6B41E3A0FCC; Wed, 14 Oct 2020 11:40:05 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: The IESG <iesg-secretary@ietf.org>
To: "IETF-Announce" <ietf-announce@ietf.org>
X-Test-IDTracker: no
X-IETF-IDTracker: 7.20.0
Auto-Submitted: auto-generated
Precedence: bulk
CC: joe@salowey.net, rdd@cert.org, tls@ietf.org, draft-ietf-tls-md5-sha1-deprecate@ietf.org, tls-chairs@ietf.org
Reply-To: last-call@ietf.org
Sender: <iesg-secretary@ietf.org>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
Message-ID: <160270080535.5894.280254092203286109@ietfa.amsl.com>
Date: Wed, 14 Oct 2020 11:40:05 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/KOB657oaaQ6LUN5ceVmvfvBmSTo>
Subject: [TLS] Last Call: <draft-ietf-tls-md5-sha1-deprecate-04.txt> (Deprecating MD5 and SHA-1 signature hashes in TLS 1.2) to Proposed Standard
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.29
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 14 Oct 2020 18:40:06 -0000

The IESG has received a request from the Transport Layer Security WG (tls) to
consider the following document: - 'Deprecating MD5 and SHA-1 signature
hashes in TLS 1.2'
  <draft-ietf-tls-md5-sha1-deprecate-04.txt> as Proposed Standard

The IESG plans to make a decision in the next few weeks, and solicits final
comments on this action. Please send substantive comments to the
last-call@ietf.org mailing lists by 2020-10-28. Exceptionally, comments may
be sent to iesg@ietf.org instead. In either case, please retain the beginning
of the Subject line to allow automated sorting.

Abstract


   The MD5 and SHA-1 hashing algorithms are steadily weakening in
   strength and their deprecation process should begin for their use in
   TLS 1.2 digital signatures.  However, this document does not
   deprecate SHA-1 in HMAC for record protection.  This document updates
   RFC 5246 and RFC 7525.




The file can be obtained via
https://datatracker.ietf.org/doc/draft-ietf-tls-md5-sha1-deprecate/



No IPR declarations have been submitted directly on this I-D.