From julien at trigofacile.com  Sun Mar 10 00:29:06 2019
From: julien at trigofacile.com (=?UTF-8?Q?Julien_=c3=89LIE?=)
Date: Sun, 10 Mar 2019 09:29:06 +0100
Subject: [NNTP] Fwd: I-D Action: draft-ietf-tls-oldversions-deprecate-02.txt
In-Reply-To: <155216582664.28794.6827192522357745518@ietfa.amsl.com>
References: <155216582664.28794.6827192522357745518@ietfa.amsl.com>
Message-ID: <c9a20053-e911-008f-1e10-2e1c0a6cdb83@trigofacile.com>

Hi all,

Just to inform you of that draft from the TLS working group, that is 
scheduled to update RFC 4642 (TLS with NNTP).
Basically, the draft says that TLS 1.0 and TLS 1.1 MUST NOT be 
negotiated.  Only TLS 1.2 and 1.3 are encouraged now.

In case you have any remarks, do not hesitate to send them.

-- 
Julien


-------- Message transféré --------
Sujet : I-D Action: draft-ietf-tls-oldversions-deprecate-02.txt
Date : Sat, 09 Mar 2019 13:10:26 -0800

A New Internet-Draft is available from the on-line Internet-Drafts 
directories.
This draft is a work item of the Transport Layer Security WG of the IETF.

         Title           : Deprecating TLSv1.0 and TLSv1.1
         Authors         : Kathleen Moriarty
                           Stephen Farrell
	Filename        : draft-ietf-tls-oldversions-deprecate-02.txt
	Pages           : 22
	Date            : 2019-03-09

Abstract:
    This document, if approved, formally deprecates Transport Layer
    Security (TLS) versions 1.0 [RFC2246] and 1.1 [RFC4346] and moves
    these documents to the historic state.  These versions lack support
    for current and recommended cipher suites, and various government and
    industry profiles of applications using TLS now mandate avoiding
    these old TLS versions.  TLSv1.2 has been the recommended version for
    IETF protocols since 2008, providing sufficient time to transition
    away from older versions.  Products having to support older versions
    increase the attack surface unnecessarily and increase opportunities
    for misconfigurations.  Supporting these older versions also requires
    additional effort for library and product maintenance.

    This document also deprecates Datagram TLS (DTLS) version 1.0
    [RFC6347] (but not DTLS version 1.2, and there is no DTLS version
    1.1).

    This document updates many RFCs that normatively refer to TLSv1.0 or
    TLSv1.1 as described herein.  This document also updates RFC 7525 and
    hence is part of BCP195.


The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-ietf-tls-oldversions-deprecate/

There are also htmlized versions available at:
https://tools.ietf.org/html/draft-ietf-tls-oldversions-deprecate-02
https://datatracker.ietf.org/doc/html/draft-ietf-tls-oldversions-deprecate-02

A diff from the previous version is available at:
https://www.ietf.org/rfcdiff?url2=draft-ietf-tls-oldversions-deprecate-02


Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.

Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/