Skip to main content

Last Call Review of draft-ietf-tls-prohibiting-rc4-01
review-ietf-tls-prohibiting-rc4-01-opsdir-lc-morton-2014-12-04-00

Request Review of draft-ietf-tls-prohibiting-rc4
Requested revision No specific revision (document currently at 01)
Type Last Call Review
Team Ops Directorate (opsdir)
Deadline 2014-12-10
Requested 2014-11-28
Authors Andrei Popov
I-D last updated 2014-12-04
Completed reviews Genart Last Call review of -01 by Dan Romascanu
Genart Telechat review of -01 by Dan Romascanu
Secdir Last Call review of -01 by Taylor Yu
Opsdir Last Call review of -01 by Al Morton
Assignment Reviewer Al Morton
State Completed
Request Last Call review on draft-ietf-tls-prohibiting-rc4 by Ops Directorate Assigned
Reviewed revision 01
Result Has nits
Completed 2014-12-04
review-ietf-tls-prohibiting-rc4-01-opsdir-lc-morton-2014-12-04-00
Authors,

This is the OPS-DIR review of your draft,
which proposes revising TLS so that:

   o  TLS clients MUST NOT include RC4 cipher suites in the ClientHello
      message.

   o  TLS servers MUST NOT select an RC4 cipher suite when a TLS client
      sends such a cipher suite in the ClientHello message.

>From on operator's perspective, this will give us an approved
RFC we can take to vendors whose products are not already configurable
in this regard.

Ship it.

regards,
Al