Skip to main content

TLS 1.2 is in Feature Freeze

Document Type Replaced Internet-Draft (individual)
Expired & archived
Authors Rich Salz , Nimrod Aviram
Last updated 2023-10-05
Replaced by draft-ietf-tls-tls12-frozen
RFC stream (None)
Intended RFC status (None)
Stream Stream state (No stream defined)
Consensus boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Replaced by draft-ietf-tls-tls12-frozen
Telechat date (None)
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:


TLS 1.2 is in widespread use and can be configured such that it provides good security properties. TLS 1.3 is also in widespread use and fixes some known deficiencies with TLS 1.2, such as removing error-prone cryptographic primitives and encrypting more of the traffic so that it is not readable by outsiders. Both versions have several extension points, so items like new cryptographic algorithms, new supported groups (formerly "named curves"), etc., can be added without defining a new protocol. This document specifies that outside of urgent security fixes, no new features will be approved for TLS 1.2. This prescription does not pertain to DTLS (in any DTLS version); it pertains to TLS only.


Rich Salz
Nimrod Aviram

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)