[PWG-Announce] Fwd: [TLS] Protocol Action: 'Deprecating Secure Sockets Layer Version 3.0' to Best Current Practice (draft-ietf-tls-sslv3-diediedie-03.txt)

[PWG-Announce] Fwd: [TLS] Protocol Action: 'Deprecating Secure Sockets Layer Version 3.0' to Best Current Practice (draft-ietf-tls-sslv3-diediedie-03.txt)

[PWG-Announce] Fwd: [TLS] Protocol Action: 'Deprecating Secure Sockets Layer Version 3.0' to Best Current Practice (draft-ietf-tls-sslv3-diediedie-03.txt)

Ira McDonald blueroofmusic at gmail.com
Mon Apr 13 19:01:19 UTC 2015


---------- Forwarded message ----------
From: The IESG <iesg-secretary at ietf.org>
Date: Mon, Apr 13, 2015 at 2:02 PM
Subject: [TLS] Protocol Action: 'Deprecating Secure Sockets Layer Version
3.0' to Best Current Practice (draft-ietf-tls-sslv3-diediedie-03.txt)
To: IETF-Announce <ietf-announce at ietf.org>
Cc: tls mailing list <tls at ietf.org>, tls chair <tls-chairs at tools.ietf.org>,
RFC Editor <rfc-editor at rfc-editor.org>


The IESG has approved the following document:
- 'Deprecating Secure Sockets Layer Version 3.0'
  (draft-ietf-tls-sslv3-diediedie-03.txt) as Best Current Practice

This document is the product of the Transport Layer Security Working
Group.

The IESG contact persons are Stephen Farrell and Kathleen Moriarty.

A URL of this Internet Draft is:
http://datatracker.ietf.org/doc/draft-ietf-tls-sslv3-diediedie/





Technical Summary

   Secure Sockets Layer version 3.0 (SSLv3) is no longer secure.  This
   document requires that SSLv3 not be used.  The replacement versions,
   in particular Transport Layer Security (TLS) 1.2, are considerably
   more secure and capable protocols.

   This document updates the backward compatibility sections of the TLS
   RFCs to prohibit fallback to SSLv3.

Working Group Summary

   This document has been actively reviewed by the TLS working
   group.  There is strong community consensus behind the document.

Document Quality

   Are there existing implementations of the protocol?  Yes, and
   that's the problem;-)    However, many deployments and
   implementations have already started disabling SSLv3.

Personnel

   Joseph Salowey is the document shepherd.
   Stephen Farrell is the responsible AD for this document.

_______________________________________________
TLS mailing list
TLS at ietf.org
https://www.ietf.org/mailman/listinfo/tls
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.pwg.org/pipermail/pwg-announce/attachments/20150413/310b90b5/attachment.html>


More information about the pwg-announce mailing list