TLS Fallback Signaling Cipher Suite Value (SCSV) for Preventing Protocol Downgrade Attacks
Draft of message to be sent after approval:
From: The IESG <email@example.com> To: IETF-Announce <firstname.lastname@example.org> Cc: RFC Editor <email@example.com>, tls mailing list <firstname.lastname@example.org>, tls chair <email@example.com> Subject: Protocol Action: 'TLS Fallback Signaling Cipher Suite Value (SCSV) for Preventing Protocol Downgrade Attacks' to Proposed Standard (draft-ietf-tls-downgrade-scsv-05.txt) The IESG has approved the following document: - 'TLS Fallback Signaling Cipher Suite Value (SCSV) for Preventing Protocol Downgrade Attacks' (draft-ietf-tls-downgrade-scsv-05.txt) as Proposed Standard This document is the product of the Transport Layer Security Working Group. The IESG contact persons are Stephen Farrell and Kathleen Moriarty. A URL of this Internet Draft is: http://datatracker.ietf.org/doc/draft-ietf-tls-downgrade-scsv/
Technical Summary This document defines a Signaling Cipher Suite Value (SCSV) that prevents protocol downgrade attacks on the Transport Layer Security (TLS) protocol. It updates RFC 2246, RFC 4346, and RFC 5246. Working Group Summary Was there anything in the WG process that is worth noting? Yes. Lots and lots of argument:-) See the shepherd writeup for details. The IETF LC mostly repeated arguments already aired and disposed of during the WG process, or was about TLS1.3. Consensus for this is rough, but fairly clear. Document Quality Based on some measurements taken back in November 14.4% of TLS servers on the Internet now support the mechanism described in this draft. Personnel Sean Turner is the document Shepherd, Stephen Farrell is the irresponsible AD.