Last Call Review of draft-ietf-tls-md5-sha1-deprecate-04
review-ietf-tls-md5-sha1-deprecate-04-secdir-lc-salz-2020-10-22-00
| Request | Review of | draft-ietf-tls-md5-sha1-deprecate |
|---|---|---|
| Requested revision | No specific revision (document currently at 09) | |
| Type | IETF Last Call Review | |
| Team | Security Area Directorate (secdir) | |
| Deadline | 2020-10-28 | |
| Requested | 2020-10-14 | |
| Authors | Loganaden Velvindron , Kathleen Moriarty , Alessandro Ghedini | |
| I-D last updated | 2021-12-20 (Latest revision 2021-09-20) | |
| Completed reviews |
Genart IETF Last Call review of -04
by Meral Shirazipour
(diff)
Iotdir IETF Last Call review of -04 by Daniel Migault (diff) Intdir IETF Last Call review of -04 by Ted Lemon (diff) Secdir IETF Last Call review of -04 by Rich Salz (diff) |
|
| Assignment | Reviewer | Rich Salz |
| State | Completed | |
| Request | IETF Last Call review on draft-ietf-tls-md5-sha1-deprecate by Security Area Directorate Assigned | |
| Posted at | https://mailarchive.ietf.org/arch/msg/secdir/W9YTl-krOsdnBLwTlVLAlEA7m5U | |
| Reviewed revision | 04 (document currently at 09) | |
| Result | Has nits | |
| Completed | 2020-10-22 |
review-ietf-tls-md5-sha1-deprecate-04-secdir-lc-salz-2020-10-22-00
I'm the assigned security directorate reviewer for this draft. This is intended for use by the Sec ADs, but anyone else who gleans wisdom from this message is free to use it as they see fit. The document is READY. There are some nits, which can be found at https://www6.ietf.org/tools/idnits?url=https://www.ietf.org/archive/id/draft-ietf-tls-md5-sha1-deprecate-04.txt or by clicking on the "nits" tab on the datatracker page. Don't use MD5 or SHA1 as digests. If you do, bad people in shadows wearing hoodies will be able to steal your information, impersonate or break your TLS or other connections, and so on. This document gives more rationale and updates some RFC's. This NITS should be fixed, but this should be published.