Dear UTA members,

We have just issued a new version of the BCP. Thanks to all who contributed useful criticism or actual text.

Change log:

o Disallow truncated HMAC.
o Applicability to DTLS.
o Some more text restructuring.
o Host name validation is sometimes irrelevant.
o HSTS: MUST implement, SHOULD deploy.
o Session identities are not protected, only tickets are.
o Clarified the target audience.

Thanks,
        Yaron

-------- Forwarded Message --------
Subject: New Version Notification for draft-ietf-uta-tls-bcp-03.txt
Date: Sun, 21 Sep 2014 13:09:20 -0700
From: [email protected]
To: Yaron Sheffer <[email protected]>, Peter Saint-Andre <[email protected]>, Ralph Holz <[email protected]>, Ralph Holz <[email protected]>, Peter Saint-Andre <[email protected]>, Yaron Sheffer <[email protected]>


A new version of I-D, draft-ietf-uta-tls-bcp-03.txt
has been successfully submitted by Yaron Sheffer and posted to the
IETF repository.

Name:           draft-ietf-uta-tls-bcp
Revision:       03
Title:          Recommendations for Secure Use of TLS and DTLS
Document date:  2014-09-21
Group:          uta
Pages:          19
URL: http://www.ietf.org/internet-drafts/draft-ietf-uta-tls-bcp-03.txt
Status:         https://datatracker.ietf.org/doc/draft-ietf-uta-tls-bcp/
Htmlized:       http://tools.ietf.org/html/draft-ietf-uta-tls-bcp-03
Diff:           http://www.ietf.org/rfcdiff?url2=draft-ietf-uta-tls-bcp-03

Abstract:
   Transport Layer Security (TLS) and Datagram Transport Security Layer
   (DTLS) are widely used to protect data exchanged over application
   protocols such as HTTP, SMTP, IMAP, POP, SIP, and XMPP.  Over the
   last few years, several serious attacks on TLS have emerged,
   including attacks on its most commonly used cipher suites and modes
   of operation.  This document provides recommendations for improving
   the security of both software implementations and deployed services
   that use TLS and DTLS.





Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.

The IETF Secretariat



_______________________________________________
Uta mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/uta
