On Thursday, 8 November 2018 06:28:31 CET internet-dra...@ietf.org wrote: > A New Internet-Draft is available from the on-line Internet-Drafts > directories. This draft is a work item of the Transport Layer Security WG > of the IETF. > > Title : Deprecating TLSv1.0 and TLSv1.1 > Authors : Kathleen Moriarty > Stephen Farrell > Filename : draft-ietf-tls-oldversions-deprecate-01.txt > Pages : 21 > Date : 2018-11-07 > > Abstract: > This document, if approved, formally deprecates Transport Layer > Security (TLS) versions 1.0 [RFC2246] and 1.1 [RFC4346] and moves > these documents to the historic state. These versions lack support > for current and recommended cipher suites, and various government and > industry profiles of applications using TLS now mandate avoiding > these old TLS versions. TLSv1.2 has been the recommended version for > IETF protocols since 2008, providing sufficient time to transition > away from older versions. Products having to support older versions > increase the attack surface unnecessarily and increase opportunities > for misconfigurations. Supporting these older versions also requires > additional effort for library and product maintenance. > > This document updates many RFCs that normatively refer to TLS1.0 or > TLS1.1 as described herein. This document also updates RFC 7525 and > hence is part of BCP195.
what was the rationale for dropping the section about deprecating SHA-1 in TLS 1.2? I see nothing in minutes from IETF103. -- Regards, Hubert Kario Senior Quality Engineer, QE BaseOS Security team Web: www.cz.redhat.com Red Hat Czech s.r.o., Purkyňova 115, 612 00 Brno, Czech Republic
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls