The IESG has approved the following document: - 'New Protocols Using TLS Must Require TLS 1.3' (draft-ietf-uta-require-tls13-12.txt) as Best Current Practice
This document is the product of the Using TLS in Applications Working Group. The IESG contact persons are Paul Wouters and Deb Cooley. A URL of this Internet-Draft is: https://datatracker.ietf.org/doc/draft-ietf-uta-require-tls13/ Technical Summary TLS 1.2 is in use and can be configured such that it provides good security properties. TLS 1.3 use is increasing, and fixes some known deficiencies with TLS 1.2, such as removing error-prone cryptographic primitives and encrypting more of the traffic so that it is not readable by outsiders. For these reasons, new protocols must require and assume the existence of TLS 1.3. As DTLS 1.3 is not widely available or deployed, this prescription does not pertain to DTLS (in any DTLS version); it pertains to TLS only. This document updates RFC9325. Working Group Summary There was broad consensus. This document is closely related to draft-ietf-tls-tls12-frozen in TLS WG. The two document were discussed together, in particular the chairs of UTA and TLS WGs issued the Working Group Last Calls at the same time with cross-announcements. Document Quality The document does not specify a protocol. Personnel The Document Shepherd for this document is Valery Smyslov. The Responsible Area Director is Paul Wouters. _______________________________________________ Uta mailing list -- [email protected] To unsubscribe send an email to [email protected]
