Dear UTA folks,

This is a relatively large revision. The change log:

- Rearranged some sections for clarity and re-styled the text so that normative text is followed by rationale where possible.
- Removed the recommendation to use Brainpool curves.
- Triple Handshake mitigation.
- MUST NOT negotiate algorithms lower than 112 bits of security.
- MUST implement SNI, but use per local policy.
- Changed SHOULD NOT negotiate or fall back to SSLv3 to MUST NOT.
- Added hostname validation.
- Non-normative discussion of DH exponent reuse.

Thanks,
        Yaron

-------- Forwarded Message --------
Subject: New Version Notification for draft-ietf-uta-tls-bcp-02.txt
Date: Sun, 24 Aug 2014 12:49:11 -0700
From: [email protected]
To: Yaron Sheffer <[email protected]>, Ralph Holz <[email protected]>, Peter Saint-Andre <[email protected]>, Ralph Holz <[email protected]>, Peter Saint-Andre <[email protected]>, Yaron Sheffer <[email protected]>


A new version of I-D, draft-ietf-uta-tls-bcp-02.txt
has been successfully submitted by Yaron Sheffer and posted to the
IETF repository.

Name:           draft-ietf-uta-tls-bcp
Revision:       02
Title:          Recommendations for Secure Use of TLS and DTLS
Document date:  2014-08-24
Group:          uta
Pages:          17
URL: http://www.ietf.org/internet-drafts/draft-ietf-uta-tls-bcp-02.txt
Status:         https://datatracker.ietf.org/doc/draft-ietf-uta-tls-bcp/
Htmlized:       http://tools.ietf.org/html/draft-ietf-uta-tls-bcp-02
Diff:           http://www.ietf.org/rfcdiff?url2=draft-ietf-uta-tls-bcp-02

Abstract:
   Transport Layer Security (TLS) and Datagram Transport Security Layer
   (DTLS) are widely used to protect data exchanged over application
   protocols such as HTTP, SMTP, IMAP, POP, SIP, and XMPP.  Over the
   last few years, several serious attacks on TLS have emerged,
   including attacks on its most commonly used cipher suites and modes
   of operation.  This document provides recommendations for improving
   the security of both software implementations and deployed services
   that use TLS and DTLS.





Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.

The IETF Secretariat



_______________________________________________
Uta mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/uta
