FYI. The XMPP community should be aware of this document, which
obsoletes RFC 7525 and thereby updates RFC 7590:
https://www.rfc-editor.org/rfc/rfc7590.txt
https://www.rfc-editor.org/rfc/rfc9325.txt
Peter
-------- Forwarded Message --------
Subject: [Uta] BCP 195, RFC 9325 on Recommendations for Secure Use of
Transport Layer Security (TLS) and Datagram Transport Layer Security (DTLS)
Date: Wed, 30 Nov 2022 06:06:09 -0800 (PST)
From: rfc-edi...@rfc-editor.org
To: ietf-annou...@ietf.org, rfc-d...@rfc-editor.org
CC: rfc-edi...@rfc-editor.org, drafts-update-...@iana.org, u...@ietf.org
A new Request for Comments is now available in online RFC libraries.
BCP 195 RFC 9325
Title: Recommendations for Secure Use of
Transport Layer Security (TLS) and Datagram
Transport Layer Security (DTLS) Author: Y. Sheffer,
P. Saint-Andre,
T. Fossati
Status: Best Current Practice
Stream: IETF
Date: November 2022
Mailbox: yaronf.i...@gmail.com,
stpe...@stpeter.im,
thomas.foss...@arm.com
Pages: 34
Obsoletes: RFC 7525
Updates: RFC 5288, RFC 6066
See Also: BCP 195
I-D Tag: draft-ietf-uta-rfc7525bis-11.txt
URL: https://www.rfc-editor.org/info/rfc9325
DOI: 10.17487/RFC9325
Transport Layer Security (TLS) and Datagram Transport Layer Security
(DTLS) are used to protect data exchanged over a wide range of
application protocols and can also form the basis for secure
transport protocols. Over the years, the industry has witnessed
several serious attacks on TLS and DTLS, including attacks on the
most commonly used cipher suites and their modes of operation. This
document provides the latest recommendations for ensuring the
security of deployed services that use TLS and DTLS. These
recommendations are applicable to the majority of use cases.
RFC 7525, an earlier version of the TLS recommendations, was
published when the industry was transitioning to TLS 1.2. Years
later, this transition is largely complete, and TLS 1.3 is widely
available. This document updates the guidance given the new
environment and obsoletes RFC 7525. In addition, this document
updates RFCs 5288 and 6066 in view of recent attacks.
This document is a product of the Using TLS in Applications Working
Group of the IETF.
BCP: This document specifies an Internet Best Current Practices for the
Internet Community, and requests discussion and suggestions for
improvements. Distribution of this memo is unlimited.
This announcement is sent to the IETF-Announce and rfc-dist lists.
To subscribe or unsubscribe, see
https://www.ietf.org/mailman/listinfo/ietf-announce
https://mailman.rfc-editor.org/mailman/listinfo/rfc-dist
For searching the RFC series, see https://www.rfc-editor.org/search
For downloading RFCs, see https://www.rfc-editor.org/retrieve/bulk
Requests for special distribution should be addressed to either the
author of the RFC in question, or to rfc-edi...@rfc-editor.org. Unless
specifically noted otherwise on the RFC itself, all RFCs are for
unlimited distribution.
The RFC Editor Team
Association Management Solutions, LLC
_______________________________________________
Uta mailing list
u...@ietf.org
https://www.ietf.org/mailman/listinfo/uta
_______________________________________________
Standards mailing list
Info: https://mail.jabber.org/mailman/listinfo/standards
Unsubscribe: standards-unsubscr...@xmpp.org
_______________________________________________