Deprecating Obsolete Key Exchange Methods in TLS 1.2
draft-ietf-tls-deprecate-obsolete-kex-03
This is an older version of an Internet-Draft whose latest revision state is "Active".

| Section | Field | Value |
|---|---|---|
| Document | Type | Expired & archived |
| | Authors | Carrick Bartle, Nimrod Aviram |
| | Last updated | 2024-06-21 (Latest revision 2023-09-21) |
| | Replaces | draft-bartle-tls-deprecate-ffdh, draft-aviram-tls-deprecate-obsolete-kex |
| | RFC stream | Internet Engineering Task Force (IETF) |
| | Additional resources | Mailing list discussion |
| Stream | WG state | WG Document |
| | Document shepherd | (None) |
| IESG | IESG state | Expired |
| | Consensus boilerplate | Unknown |
| | Telechat date | (None) |
| | Responsible AD | (None) |
| | Send notices to | (None) |

This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:
Abstract
This document deprecates the use of RSA key exchange and Diffie-Hellman over a finite field in TLS 1.2, and discourages the use of static elliptic curve Diffie-Hellman cipher suites. Note that these prescriptions apply only to TLS 1.2, since TLS 1.0 and 1.1 are deprecated by [RFC8996] and TLS 1.3 either does not use the affected algorithm or does not share the relevant configuration options.