TLS Fallback Signaling Cipher Suite Value (SCSV) for Preventing Protocol Downgrade Attacks
RFC 7507

Approval announcement
Draft of message to be sent after approval:

From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
Cc: RFC Editor <rfc-editor@rfc-editor.org>,
    tls mailing list <tls@ietf.org>,
    tls chair <tls-chairs@tools.ietf.org>
Subject: Protocol Action: 'TLS Fallback Signaling Cipher Suite Value (SCSV) for Preventing Protocol Downgrade Attacks' to Proposed Standard (draft-ietf-tls-downgrade-scsv-05.txt)

The IESG has approved the following document:
- 'TLS Fallback Signaling Cipher Suite Value (SCSV) for Preventing
   Protocol Downgrade Attacks'
  (draft-ietf-tls-downgrade-scsv-05.txt) as Proposed Standard

This document is the product of the Transport Layer Security Working
Group.

The IESG contact persons are Stephen Farrell and Kathleen Moriarty.

A URL of this Internet Draft is:
http://datatracker.ietf.org/doc/draft-ietf-tls-downgrade-scsv/


Technical Summary

   This document defines a Signaling Cipher Suite Value (SCSV) that
   prevents protocol downgrade attacks on the Transport Layer Security
   (TLS) protocol.  It updates RFC 2246, RFC 4346, and RFC 5246.

Working Group Summary

   Was there anything in the WG process that is worth noting?
 
   Yes. Lots and lots of argument:-) See the shepherd writeup
   for details. 

   The IETF LC mostly repeated arguments already aired and
   disposed of during the WG process, or was about TLS1.3.

   Consensus for this is rough, but fairly clear. 

Document Quality

   Based on some measurements taken back in November 14.4% 
   of TLS servers on the Internet now support the mechanism described 
   in this draft. 

Personnel

   Sean Turner is the document Shepherd, Stephen Farrell is the irresponsible AD.