Deprecating Obsolete Key Exchange Methods in TLS 1.2

Document type: Expired Internet-Draft (tls WG), expired & archived
Authors: Carrick Bartle, Nimrod Aviram
Last updated: 2024-03-24 (latest revision 2023-09-21)
Replaces: draft-bartle-tls-deprecate-ffdh, draft-aviram-tls-deprecate-obsolete-kex
RFC stream: Internet Engineering Task Force (IETF)
Intended RFC status: (None)
Additional resources: Mailing list discussion
Stream WG state: In WG Last Call
Document shepherd: (None)
IESG state: Expired
Consensus boilerplate: Unknown
Telechat date: (None)
Responsible AD: (None)
Send notices to: (None)

This Internet-Draft is no longer active.


This document deprecates the use of RSA key exchange and Diffie-Hellman over a finite field in TLS 1.2, and discourages the use of static elliptic curve Diffie-Hellman cipher suites. Note that these prescriptions apply only to TLS 1.2, since TLS 1.0 and 1.1 are deprecated by [RFC8996] and TLS 1.3 either does not use the affected algorithm or does not share the relevant configuration options.


Carrick Bartle
Nimrod Aviram

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)