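% Internet-Draft, revision -08, marked "Work in Progress": the key and URL pin
% this exact revision. Check for a later revision or a published RFC before
% relying on its MUST NOT / SHOULD NOT requirements.
% Title: only {(D)TLS} is brace-protected, so the bibliography style can apply
% its own casing to the remaining words.
@techreport{ietf-tls-deprecate-obsolete-kex-08,
  author      = {Aviram, Nimrod},
  title       = {Deprecating Obsolete Key Exchange Methods in {(D)TLS} 1.2},
  type        = {Internet-Draft},
  number      = {draft-ietf-tls-deprecate-obsolete-kex-08},
  institution = {Internet Engineering Task Force},
  publisher   = {Internet Engineering Task Force},
  year        = 2026,
  month       = jan,
  day         = 12,
  pagetotal   = 23,
  url         = {https://datatracker.ietf.org/doc/draft-ietf-tls-deprecate-obsolete-kex/08/},
  note        = {Work in Progress},
  abstract    = {For (D)TLS 1.2, this document deprecates the use of two key exchanges, namely Diffie-Hellman over a finite field and RSA, and it discourages the use of static elliptic curve Diffie-Hellman cipher suites. These prescriptions apply only to (D)TLS 1.2 since (D)TLS 1.0 and TLS 1.1 are deprecated by RFC 8996 and (D)TLS 1.3 either does not use the affected algorithms or does not share the relevant configuration options. (There is no DTLS version 1.1.) This document updates RFCs 9325, 4346, 5246, 4162, 6347, 5932, 5288, 6209, 6367, 8422, 5289, 5469, 4785, 4279, 5487, 6655, and 7905, to deprecate or discourage - i.e., change to MUST NOT or SHOULD NOT, as listed in Section 5.3, Section 5.2, Section 5.3, Section 5.4, and Section 5.5 - the use of cipher suites using the above key exchange methods in (D)TLS 1.2 connections.},
}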