Deprecating TLSv1.0 and TLSv1.1
draft-moriarty-tls-oldversions-diediedie-01
Document | Type |
Replaced Internet-Draft
(tls WG)
Expired & archived
|
|
---|---|---|---|
Authors | Kathleen Moriarty , Stephen Farrell | ||
Last updated | 2018-09-10 (Latest revision 2018-07-25) | ||
Replaced by | draft-ietf-tls-oldversions-deprecate | ||
RFC stream | Internet Engineering Task Force (IETF) | ||
Intended RFC status | (None) | ||
Formats | |||
Additional resources | Mailing list discussion | ||
Stream | WG state | Adopted by a WG | |
Document shepherd | (None) | ||
IESG | IESG state | Replaced by draft-ietf-tls-oldversions-deprecate | |
Consensus boilerplate | Unknown | ||
Telechat date | (None) | ||
Responsible AD | (None) | ||
Send notices to | (None) |
This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:
Abstract
This document [if approved] formally deprecates Transport Layer Security (TLS) versions 1.0 [RFC2246] and 1.1 [RFC4346] and moves these documents to the historic state. These versions lack support for current and recommended cipher suites, and various government and industry profiiles of applications using TLS now mandate avoiding these old TLS versions. TLSv1.2 has been the recommended version for IETF protocols since 2008, providing sufficient time to transition away from older versions. Products having to support older versions increase the attack surface unnecessarily and increase opportunities for misconfigurations. Supporting these older versions also requires additional effort for library and product maintenance. This document updates the backward compatibility sections of TLS RFCs [[list TBD]] to prohibit fallback to TLSv1.0 and TLSv1.1. This document also updates RFC 7525.
Authors
Kathleen Moriarty
Stephen Farrell
(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)