The IESG has approved the following document:
- 'Deprecating Obsolete Key Exchange Methods in (D)TLS 1.2'
  (draft-ietf-tls-deprecate-obsolete-kex-07.txt) as Proposed Standard

This document is the product of the Transport Layer Security Working Group.

The IESG contact persons are Paul Wouters and Deb Cooley.

A URL of this Internet-Draft is:
https://datatracker.ietf.org/doc/draft-ietf-tls-deprecate-obsolete-kex/

Technical Summary

This document deprecates the use of RSA key exchange and Diffie Hellman over a finite field in TLS 1.2, and discourages the use of static elliptic curve Diffie Hellman cipher suites.

Note that these prescriptions apply only to TLS 1.2 since TLS 1.0 and 1.1 are deprecated by RFC 8996 and TLS 1.3 either does not use the affected algorithm or does not share the relevant configuration options.

This document updates RFCs 9325, 4346, 5246, 4162, 6347, 5932, 5288, 6209, 6367, 8422, 5289, 5469, 4785, 4279, 5487, 6655, and 7905.

Working Group Summary

After some iterations, everyone was good with the document. Note that there is an outstanding question on whether this document as a Standards Track doc, should perhaps be a BCP since this document obsoletes RFC9325 which is part of BCP195.

Document Quality

This document does not specify a protocol.

Personnel

The Document Shepherd for this document is Joseph A. Salowey. The Responsible Area Director is Paul Wouters.
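An added example, not part of the IESG announcement or the draft: a Python check that sorts IANA-style TLS 1.2 cipher suite names into the three categories the Technical Summary names, so a configured suite list can be reviewed against them. The suite list is constructed sample input, and grouping `RSA_PSK` and `RSA_EXPORT` with RSA key exchange is this example's assumption.

```python
import re

# IANA TLS 1.2 suite names have the form TLS_<KEX>_WITH_<cipher>_<hash>.
# TLS 1.3 names (e.g. TLS_AES_128_GCM_SHA256) carry no _WITH_ and no key exchange.
_SUITE = re.compile(r"^TLS_(?P<kex>[A-Za-z0-9_]+?)_WITH_")

def key_exchange(suite):
    """Return the key-exchange token of a suite name, or None if it has none."""
    m = _SUITE.match(suite)
    return m.group("kex") if m else None

def classify(suite):
    """Map a suite name onto the categories in the Technical Summary."""
    kex = key_exchange(suite)
    if kex is None:
        return "not-tls12-style"
    # Assumption of this example: RSA_PSK and RSA_EXPORT count as RSA key exchange.
    if kex == "RSA" or kex.startswith("RSA_"):
        return "rsa-key-exchange"
    # Finite-field Diffie-Hellman, static (DH_*) or ephemeral (DHE_*).
    if kex.startswith(("DH_", "DHE_")):
        return "finite-field-dh"
    # Static ECDH: the server certificate carries the ECDH key (no trailing E).
    if kex in ("ECDH_ECDSA", "ECDH_RSA"):
        return "static-ecdh"
    return "other"  # e.g. ECDHE_*, not among the three categories

def audit(suites):
    """Group suite names by category, preserving input order."""
    report = {}
    for name in suites:
        report.setdefault(classify(name), []).append(name)
    return report

# Constructed sample configuration, not taken from any real server.
SAMPLE = [
    "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
    "TLS_RSA_WITH_AES_128_CBC_SHA",
    "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384",
    "TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256",
    "TLS_RSA_PSK_WITH_AES_128_CBC_SHA",
    "TLS_AES_128_GCM_SHA256",
]

if __name__ == "__main__":
    for category, names in audit(SAMPLE).items():
        print(f"{category}: {', '.join(names)}")
```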
