Hi,

It looks like the requirements in §2 and §3 regarding FFDH(E) update the guidance given in RFC9325 (i.e., SHOULD NOT => MUST NOT).
I guess this must be reflected in the "Updates" header.

cheers, thanks
t

On Thu, 21 Sept 2023 at 10:22, <internet-dra...@ietf.org> wrote:
>
> Internet-Draft draft-ietf-tls-deprecate-obsolete-kex-03.txt is now available.
> It is a work item of the Transport Layer Security (TLS) WG of the IETF.
>
>    Title:   Deprecating Obsolete Key Exchange Methods in TLS 1.2
>    Authors: Carrick Bartle
>             Nimrod Aviram
>    Name:    draft-ietf-tls-deprecate-obsolete-kex-03.txt
>    Pages:   20
>    Dates:   2023-09-21
>
> Abstract:
>
>    This document deprecates the use of RSA key exchange and Diffie
>    Hellman over a finite field in TLS 1.2, and discourages the use of
>    static elliptic curve Diffie Hellman cipher suites.
>
>    Note that these prescriptions apply only to TLS 1.2 since TLS 1.0 and
>    1.1 are deprecated by [RFC8996] and TLS 1.3 either does not use the
>    affected algorithm or does not share the relevant configuration
>    options.
>
> The IETF datatracker status page for this Internet-Draft is:
> https://datatracker.ietf.org/doc/draft-ietf-tls-deprecate-obsolete-kex/
>
> There is also an HTML version available at:
> https://www.ietf.org/archive/id/draft-ietf-tls-deprecate-obsolete-kex-03.html
>
> A diff from the previous version is available at:
> https://author-tools.ietf.org/iddiff?url2=draft-ietf-tls-deprecate-obsolete-kex-03
>
> Internet-Drafts are also available by rsync at:
> rsync.ietf.org::internet-drafts
>
>
> _______________________________________________
> TLS mailing list
> TLS@ietf.org
> https://www.ietf.org/mailman/listinfo/tls