attachment
<div dir="ltr"><br clear="all"><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">---------- Forwarded message ---------<br>From: <span dir="auto"><<a href="mailto:rfc-editor@rfc-editor.org">rfc-editor@rfc-editor.org</a>></span><br>Date: Tue, Mar 23, 2021 at 1:51 PM<br>Subject: [TLS] BCP 195, RFC 8996 on Deprecating TLS 1.0 and TLS 1.1<br>To: <<a href="mailto:ietf-announce@ietf.org">ietf-announce@ietf.org</a>>, <<a href="mailto:rfc-dist@rfc-editor.org">rfc-dist@rfc-editor.org</a>><br>Cc: <<a href="mailto:drafts-update-ref@iana.org">drafts-update-ref@iana.org</a>>, <<a href="mailto:tls@ietf.org">tls@ietf.org</a>>, <<a href="mailto:rfc-editor@rfc-editor.org">rfc-editor@rfc-editor.org</a>><br></div><br><br>A new Request for Comments is now available in online RFC libraries.<br>
<br>
BCP 195 <br>
RFC 8996<br>
<br>
Title: Deprecating TLS 1.0 and TLS 1.1 <br>
Author: K. Moriarty,<br>
S. Farrell<br>
Status: Best Current Practice<br>
Stream: IETF<br>
Date: March 2021<br>
Mailbox: <a href="mailto:Kathleen.Moriarty.ietf@gmail.com" target="_blank">Kathleen.Moriarty.ietf@gmail.com</a>,<br>
<a href="mailto:stephen.farrell@cs.tcd.ie" target="_blank">stephen.farrell@cs.tcd.ie</a><br>
Pages: 18<br>
Obsoletes: RFC 5469, RFC 7507<br>
Updates: RFC 3261, RFC 3329, RFC 3436, RFC 3470, RFC 3501,<br>
RFC 3552, RFC 3568, RFC 3656, RFC 3749, RFC 3767, <br>
RFC 3856, RFC 3871, RFC 3887, RFC 3903, RFC 3943, <br>
RFC 3983, RFC 4097, RFC 4111, RFC 4162, RFC 4168, <br>
RFC 4217, RFC 4235, RFC 4261, RFC 4279, RFC 4497, <br>
RFC 4513, RFC 4531, RFC 4540, RFC 4582, RFC 4616, <br>
RFC 4642, RFC 4680, RFC 4681, RFC 4712, RFC 4732, <br>
RFC 4743, RFC 4744, RFC 4785, RFC 4791, RFC 4823, <br>
RFC 4851, RFC 4964, RFC 4975, RFC 4976, RFC 4992, <br>
RFC 5018, RFC 5019, RFC 5023, RFC 5024, RFC 5049, <br>
RFC 5054, RFC 5091, RFC 5158, RFC 5216, RFC 5238, <br>
RFC 5263, RFC 5281, RFC 5364, RFC 5415, RFC 5422, <br>
RFC 5456, RFC 5734, RFC 5878, RFC 5953, RFC 6012, <br>
RFC 6042, RFC 6083, RFC 6084, RFC 6176, RFC 6347, <br>
RFC 6353, RFC 6367, RFC 6460, RFC 6614, RFC 6739, <br>
RFC 6749, RFC 6750, RFC 7030, RFC 7465, RFC 7525, <br>
RFC 7562, RFC 7568, RFC 8261, RFC 8422<br>
See Also: BCP 195<br>
<br>
I-D Tag: draft-ietf-tls-oldversions-deprecate-12.txt<br>
<br>
URL: <a href="https://www.rfc-editor.org/info/rfc8996" rel="noreferrer" target="_blank">https://www.rfc-editor.org/info/rfc8996</a><br>
<br>
DOI: 10.17487/RFC8996<br>
<br>
This document formally deprecates Transport Layer Security (TLS)<br>
versions 1.0 (RFC 2246) and 1.1 (RFC 4346). Accordingly, those<br>
documents have been moved to Historic status. These versions lack<br>
support for current and recommended cryptographic algorithms and<br>
mechanisms, and various government and industry profiles of<br>
applications using TLS now mandate avoiding these old TLS versions.<br>
TLS version 1.2 became the recommended version for IETF protocols in<br>
2008 (subsequently being obsoleted by TLS version 1.3 in 2018),<br>
providing sufficient time to transition away from older versions.<br>
Removing support for older versions from implementations reduces the<br>
attack surface, reduces opportunity for misconfiguration, and<br>
streamlines library and product maintenance. <br>
<br>
This document also deprecates Datagram TLS (DTLS) version 1.0 (RFC<br>
4347) but not DTLS version 1.2, and there is no DTLS version 1.1.<br>
<br>
This document updates many RFCs that normatively refer to TLS version<br>
1.0 or TLS version 1.1, as described herein. This document also<br>
updates the best practices for TLS usage in RFC 7525; hence, it is<br>
part of BCP 195.<br>
<br>
This document is a product of the Transport Layer Security Working Group of the IETF.<br>
<br>
<br>
BCP: This document specifies an Internet Best Current Practices for the<br>
Internet Community, and requests discussion and suggestions for <br>
improvements. Distribution of this memo is unlimited.<br>
<br>
This announcement is sent to the IETF-Announce and rfc-dist lists.<br>
To subscribe or unsubscribe, see<br>
<a href="https://www.ietf.org/mailman/listinfo/ietf-announce" rel="noreferrer" target="_blank">https://www.ietf.org/mailman/listinfo/ietf-announce</a><br>
<a href="https://mailman.rfc-editor.org/mailman/listinfo/rfc-dist" rel="noreferrer" target="_blank">https://mailman.rfc-editor.org/mailman/listinfo/rfc-dist</a><br>
<br>
For searching the RFC series, see <a href="https://www.rfc-editor.org/search" rel="noreferrer" target="_blank">https://www.rfc-editor.org/search</a><br>
For downloading RFCs, see <a href="https://www.rfc-editor.org/retrieve/bulk" rel="noreferrer" target="_blank">https://www.rfc-editor.org/retrieve/bulk</a><br>
<br>
Requests for special distribution should be addressed to either the<br>
author of the RFC in question, or to <a href="mailto:rfc-editor@rfc-editor.org" target="_blank">rfc-editor@rfc-editor.org</a>. Unless<br>
specifically noted otherwise on the RFC itself, all RFCs are for<br>
unlimited distribution.<br>
<br>
<br>
The RFC Editor Team<br>
Association Management Solutions, LLC<br>
<br>
_______________________________________________<br>
TLS mailing list<br>
<a href="mailto:TLS@ietf.org" target="_blank">TLS@ietf.org</a><br>
<a href="https://www.ietf.org/mailman/listinfo/tls" rel="noreferrer" target="_blank">https://www.ietf.org/mailman/listinfo/tls</a><br>
</div></div>