Authors and *AD, *AD - Please review question #1.
Authors - While reviewing this document during AUTH48, please resolve (as necessary) the following questions, which are also in the source file. 1) <!-- [rfced] Authors and *AD - We have marked this document as part of BCP 195 because it updates RFC 9325, which is part of BCP 195. However, please review and let us know if this document should be assigned a new BCP number instead. If needed, the complete list of BCPs is available here: https://www.rfc-editor.org/bcps --> 2) <!-- [rfced] FYI - We have updated the abbreviated title as follows. The abbreviated title only appears in the running header at the top of each page in the PDF output. Original: require-tls1.3 Updated: New Protocols Using TLS Must Require TLS 1.3 --> 3) <!-- [rfced] Abstract: How may we update "over TLS 1.2" to improve clarity? Original: TLS 1.3 use is widespread, it has had comprehensive security proofs, and it improves both security and privacy over TLS 1.2. ... This document updates RFC9325 and discusses post-quantum cryptography and the security and privacy improvements over TLS 1.2 as a rationale for that update. Perhaps: TLS 1.3 is widely used, has had comprehensive security proofs, and improves security and privacy deficiencies in TLS 1.2. ... This document updates RFC 9325. It discusses post-quantum cryptography and the security and privacy improvements in TLS 1.3 as the rationale for the update. --> 4) <!-- [rfced] Introduction: May we update "fixed weaknesses in TLS 1.2" as follows to match the sentence in the abstract? Original: This document updates RFC9325 and discusses post-quantum cryptography and fixed weaknesses in TLS 1.2 as a rationale for that update. Perhaps (per suggestion for the question above): This document updates RFC 9325. It discusses post-quantum cryptography and the security and privacy improvements in TLS 1.3 as a rationale for the update. --> 5) <!-- [rfced] Both of the sentences below are from the Introduction. Would it be helpful to remove the text about TLS 1.3 being widespread from the first sentence below since it is also mentioned in the second sentence? In addition, should "must require and assume its existence" be updated to just "must require"? Original: This document specifies that, since TLS 1.3 use is widespread, new protocols that use TLS must require and assume its existence. ... TLS 1.3 [TLS13] is in widespread use and fixes most known deficiencies with TLS 1.2. Perhaps (only first sentence updated): This document specifies that new protocols that use TLS must require TLS 1.3. ... TLS 1.3 [TLS13] is in widespread use and fixes most known deficiencies with TLS 1.2. --> 6) <!-- [rfced] Section 3: Is "For TLS" needed at the beginning of this sentence? Also, will readers understand what "these efforts" refers to? Original: For TLS it is important to note that the focus of these efforts within the TLS WG is TLS 1.3 or later, and that TLS 1.2 will not be supported (see [TLS12FROZEN]). Perhaps: It is important to note that the work on PQC within the TLS Working Group is focused on TLS 1.3 or later; TLS 1.2 will not be supported (see [TLS12FROZEN]). --> 7) <!-- [rfced] Section 4: Will readers know what "this" refers to here? Original: If the application is using a TLS implementation that supports this, and if it knows that the TLS implementation will use the highest version supported, then clients SHOULD specify just the minimum version they want. Perhaps: If the application is using a TLS implementation that supports TLS version negotiation and if it knows that the TLS implementation will use the highest version supported, then clients SHOULD specify just the minimum version they want. --> 8) <!-- [rfced] Section 5: Would it be helpful to revise these sentences as follows to enhance readability? Original: At the time it was published, it described availability of TLS 1.3 as "widely available." The transition and adoption mentioned in that document has grown, and this document now makes two changes to the recommendations in [RFC9325], Section 3.1.1: Perhaps: [RFC9325] describes TLS 1.3 as "widely available", and the transition to TLS 1.3 has further increased since publication of that document. This document thus makes two changes to the recommendations in Section 3.1.1 of [RFC9325]: --> 9) <!-- [rfced] Section 6: How may we revise the text starting with "that allows..."? Original: This is usually a devastating threat in practice, that allows e.g. obtaining secret cookies in a web setting. Perhaps: This is usually a devastating threat in practice (e.g., it allows an attacker to obtain secret cookies in a web setting). --> 10) <!-- [rfced] Section 6: Please review the following suggestions and let us know if the updates make the text more clear. a) Suggestion: Update "the protocol" to "TLS 1.2" in these sentences. Original: Secondly, the original key exchange methods specified for the protocol, namely RSA key exchange and finite field Diffie-Hellman, suffer from several weaknesses. ... Thirdly, symmetric ciphers which were widely-used in the protocol, namely RC4 and CBC cipher suites, suffer from several weaknesses. Perhaps: Second, the original key exchange methods specified for TLS 1.2, namely RSA key exchange and finite field Diffie-Hellman, suffer from several weaknesses. ... Third, symmetric ciphers that are widely used in TLS 1.2, namely RC4 and Cipher Block Chaining (CBC) cipher suites, suffer from several weaknesses. b) Suggestion: Mention TLS 1.2 in the first sentence. Original: And finally, while application layer traffic is always encrypted, most of the handshake messages are not. Therefore, the privacy provided is suboptimal. This is a protocol issue that cannot be addressed by configuration. Perhaps: Finally, while application-layer traffic in TLS 1.2 is always encrypted, most of the handshake messages are not. Therefore, the privacy provided is suboptimal. This is a protocol issue that cannot be addressed by configuration. --> 11) <!-- [rfced] Section 6: Both of the following sentences appear in the same paragraph. Would it be helpful to update to reduce redundancy? Original: CBC cipher suites have been a source of vulnerabilities throughout the years. ... There have been further similar vulnerabilities throughout the years exploiting CBC cipher suites; refer to, e.g., [CBCSCANNING] for an example and a survey of similar works. Perhaps (change second sentence): CBC cipher suites have been a source of vulnerabilities throughout the years. ... Refer to [CBCSCANNING] for another example of a vulnerability with CBC cipher suites and a survey of similar works. --> 12) <!-- [rfced] FYI - We updated the date for this reference from "August 2024" to "June 2025" to match the updated date provided at the URL. Original: [PQC] "What Is Post-Quantum Cryptography?", August 2024, <https://www.nist.gov/cybersecurity/what-post-quantum- cryptography>. Updated: [PQC] NIST, "What Is Post-Quantum Cryptography?", June 2025, <https://www.nist.gov/cybersecurity/what-post-quantum- cryptography>. --> 13) <!-- [rfced] The URL in the following reference entry appears to be broken. We were able to find an archived version from the Wayback Machine and replaced this URL with the archived link. Please let us know if you have any objections. Note that the archived version points to a research paper available for free on IEEExplore: https://ieeexplore.ieee.org/document/6956559. Let us know if you prefer to cite this paper instead. Original: [TRIPLESHAKE] "Triple Handshakes Considered Harmful Breaking and Fixing Authentication over TLS", n.d., <https://mitls.org/pages/attacks/3SHAKE>. Updated: [TRIPLESHAKE] "Triple Handshakes Considered Harmful: Breaking and Fixing Authentication over TLS", Wayback Machine archive, <https://web.archive.org/web/20250804151857/ https://mitls.org/pages/attacks/3SHAKE>. --> 14) <!-- [rfced] FYI - We have added an expansion for the following abbreviation per Section 3.6 of RFC 7322 ("RFC Style Guide"). Please review carefully to ensure correctness. Cipher Block Chaining (CBC) --> 15) <!-- [rfced] Please review the "Inclusive Language" portion of the online Style Guide <https://www.rfc-editor.org/styleguide/part2/#inclusive_language> and let us know if any changes are needed. Updates of this nature typically result in more precise language, which is helpful for readers. Note that our script did not flag any words in particular, but this should still be reviewed as a best practice. --> Thank you. Rebecca VanRheenen RFC Production Center On Jan 6, 2026, at 10:57 AM, [email protected] wrote: *****IMPORTANT***** Updated 2026/01/06 RFC Author(s): -------------- Instructions for Completing AUTH48 Your document has now entered AUTH48. Once it has been reviewed and approved by you and all coauthors, it will be published as an RFC. If an author is no longer available, there are several remedies available as listed in the FAQ (https://www.rfc-editor.org/faq/). You and you coauthors are responsible for engaging other parties (e.g., Contributors or Working Group) as necessary before providing your approval. Planning your review --------------------- Please review the following aspects of your document: * RFC Editor questions Please review and resolve any questions raised by the RFC Editor that have been included in the XML file as comments marked as follows: <!-- [rfced] ... --> These questions will also be sent in a subsequent email. * Changes submitted by coauthors Please ensure that you review any changes submitted by your coauthors. We assume that if you do not speak up that you agree to changes submitted by your coauthors. * Content Please review the full content of the document, as this cannot change once the RFC is published. Please pay particular attention to: - IANA considerations updates (if applicable) - contact information - references * Copyright notices and legends Please review the copyright notice and legends as defined in RFC 5378 and the Trust Legal Provisions (TLP – https://trustee.ietf.org/license-info). * Semantic markup Please review the markup in the XML file to ensure that elements of content are correctly tagged. For example, ensure that <sourcecode> and <artwork> are set correctly. See details at <https://authors.ietf.org/rfcxml-vocabulary>. * Formatted output Please review the PDF, HTML, and TXT files to ensure that the formatted output, as generated from the markup in the XML file, is reasonable. Please note that the TXT will have formatting limitations compared to the PDF and HTML. Submitting changes ------------------ To submit changes, please reply to this email using ‘REPLY ALL’ as all the parties CCed on this message need to see your changes. The parties include: * your coauthors * [email protected] (the RPC team) * other document participants, depending on the stream (e.g., IETF Stream participants are your working group chairs, the responsible ADs, and the document shepherd). * [email protected], which is a new archival mailing list to preserve AUTH48 conversations; it is not an active discussion list: * More info: https://mailarchive.ietf.org/arch/msg/ietf-announce/yb6lpIGh-4Q9l2USxIAe6P8O4Zc * The archive itself: https://mailarchive.ietf.org/arch/browse/auth48archive/ * Note: If only absolutely necessary, you may temporarily opt out of the archiving of messages (e.g., to discuss a sensitive matter). If needed, please add a note at the top of the message that you have dropped the address. When the discussion is concluded, [email protected] will be re-added to the CC list and its addition will be noted at the top of the message. You may submit your changes in one of two ways: An update to the provided XML file — OR — An explicit list of changes in this format Section # (or indicate Global) OLD: old text NEW: new text You do not need to reply with both an updated XML file and an explicit list of changes, as either form is sufficient. We will ask a stream manager to review and approve any changes that seem beyond editorial in nature, e.g., addition of new text, deletion of text, and technical changes. Information about stream managers can be found in the FAQ. Editorial changes do not require approval from a stream manager. Approving for publication -------------------------- To approve your RFC for publication, please reply to this email stating that you approve this RFC for publication. Please use ‘REPLY ALL’, as all the parties CCed on this message need to see your approval. Files ----- The files are available here: https://www.rfc-editor.org/authors/rfc9852.xml https://www.rfc-editor.org/authors/rfc9852.html https://www.rfc-editor.org/authors/rfc9852.pdf https://www.rfc-editor.org/authors/rfc9852.txt Diff file of the text: https://www.rfc-editor.org/authors/rfc9852-diff.html https://www.rfc-editor.org/authors/rfc9852-rfcdiff.html (side by side) Diff of the XML: https://www.rfc-editor.org/authors/rfc9852-xmldiff1.html Tracking progress ----------------- The details of the AUTH48 status of your document are here: https://www.rfc-editor.org/auth48/rfc9852 Please let us know if you have any questions. Thank you for your cooperation, RFC Editor -------------------------------------- RFC9852 (draft-ietf-uta-require-tls13-12) Title : New Protocols Using TLS Must Require TLS 1.3 Author(s) : R. Salz, N. Aviram WG Chair(s) : Leif Johansson, Valery Smyslov Area Director(s) : Deb Cooley, Paul Wouters -- auth48archive mailing list -- [email protected] To unsubscribe send an email to [email protected]
