New Protocols Using TLS Must Require TLS 1.3
draft-ietf-uta-require-tls13-12
Approval announcement
Draft of message to be sent after approval:
Announcement
From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
Cc: The IESG <iesg@ietf.org>, draft-ietf-uta-require-tls13@ietf.org, paul.wouters@aiven.io, rfc-editor@rfc-editor.org, uta-chairs@ietf.org, uta@ietf.org, valery@smyslov.net
Subject: Protocol Action: 'New Protocols Using TLS Must Require TLS 1.3' to Best Current Practice (draft-ietf-uta-require-tls13-12.txt)
The IESG has approved the following document:
- 'New Protocols Using TLS Must Require TLS 1.3'
(draft-ietf-uta-require-tls13-12.txt) as Best Current Practice
This document is the product of the Using TLS in Applications Working Group.
The IESG contact persons are Paul Wouters and Deb Cooley.
A URL of this Internet-Draft is:
https://datatracker.ietf.org/doc/draft-ietf-uta-require-tls13/
Ballot Text
Technical Summary
TLS 1.2 is in use and can be configured such that it provides good
security properties. TLS 1.3 use is increasing, and fixes some known
deficiencies with TLS 1.2, such as removing error-prone cryptographic
primitives and encrypting more of the traffic so that it is not
readable by outsiders. For these reasons, new protocols must require
and assume the existence of TLS 1.3. As DTLS 1.3 is not widely
available or deployed, this prescription does not pertain to DTLS (in
any DTLS version); it pertains to TLS only.
This document updates RFC 9325.
Working Group Summary
There was broad consensus.
This document is closely related to draft-ietf-tls-tls12-frozen in the TLS WG.
The two documents were discussed together; in particular, the chairs of the UTA and
TLS WGs issued the Working Group Last Calls at the same time with
cross-announcements.
Document Quality
The document does not specify a protocol.
Personnel
The Document Shepherd for this document is Valery Smyslov. The
Responsible Area Director is Paul Wouters.
RFC Editor Note