[TLS] Protocol Action: 'TLS Fallback Signaling Cipher Suite Value (SCSV) for Preventing Protocol Downgrade Attacks' to Proposed Standard (draft-ietf-tls-downgrade-scsv-05.txt)

The IESG <iesg-secretary@ietf.org> Tue, 24 February 2015 17:05 UTC

Return-Path: <iesg-secretary@ietf.org>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2411C1A1BC2; Tue, 24 Feb 2015 09:05:55 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -101.9
X-Spam-Level:
X-Spam-Status: No, score=-101.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, USER_IN_WHITELIST=-100] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qBqhk7f6edNo; Tue, 24 Feb 2015 09:05:53 -0800 (PST)
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id C69181A8868; Tue, 24 Feb 2015 09:05:45 -0800 (PST)
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
X-Test-IDTracker: no
X-IETF-IDTracker: 5.11.0.p2
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <20150224170545.678.71458.idtracker@ietfa.amsl.com>
Date: Tue, 24 Feb 2015 09:05:45 -0800
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/UQD3D4xbFSU1U5O39qX28ZuTAIE>
Cc: tls mailing list <tls@ietf.org>, tls chair <tls-chairs@tools.ietf.org>, RFC Editor <rfc-editor@rfc-editor.org>
Subject: [TLS] Protocol Action: 'TLS Fallback Signaling Cipher Suite Value (SCSV) for Preventing Protocol Downgrade Attacks' to Proposed Standard (draft-ietf-tls-downgrade-scsv-05.txt)
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 24 Feb 2015 17:05:55 -0000

The IESG has approved the following document:
- 'TLS Fallback Signaling Cipher Suite Value (SCSV) for Preventing
   Protocol Downgrade Attacks'
  (draft-ietf-tls-downgrade-scsv-05.txt) as Proposed Standard

This document is the product of the Transport Layer Security Working
Group.

The IESG contact persons are Stephen Farrell and Kathleen Moriarty.

A URL of this Internet Draft is:
http://datatracker.ietf.org/doc/draft-ietf-tls-downgrade-scsv/





Technical Summary

   This document defines a Signaling Cipher Suite Value (SCSV) that
   prevents protocol downgrade attacks on the Transport Layer Security
   (TLS) protocol.  It updates RFC 2246, RFC 4346, and RFC 5246.

Working Group Summary

   Was there anything in the WG process that is worth noting?
 
   Yes. Lots and lots of argument:-) See the shepherd writeup
   for details. 

   The IETF LC mostly repeated arguments already aired and
   disposed of during the WG process, or was about TLS1.3.

   Consensus for this is rough, but fairly clear. 

Document Quality

   Based on some measurements taken back in November 14.4% 
   of TLS servers on the Internet now support the mechanism described 
   in this draft. 

Personnel

   Sean Turner is the document Shepherd, Stephen Farrell is the irresponsible AD.