The following errata report has been submitted for RFC7568, "Deprecating Secure Sockets Layer Version 3.0".
-------------------------------------- You may review the report below and at: http://www.rfc-editor.org/errata_search.php?rfc=7568&eid=4561 -------------------------------------- Type: Editorial Reported by: Richard Petrie <rap1...@ksu.edu> Section: 1. Original Text ------------- Since it was released in 1996, the SSLv3 protocol [RFC6101] has been subject to a long series of attacks, both on its key exchange mechanism and on the encryption schemes it supports. Despite being replaced by TLS 1.0 [RFC2246] in 1999, and subsequently TLS 1.1 in 2002 [RFC4346] and 1.2 in 2006 [RFC5246], availability of these replacement versions has not been universal. As a result, many implementations of TLS have permitted the negotiation of SSLv3. The predecessor of SSLv3, SSL version 2, is no longer considered sufficiently secure [RFC6176]. SSLv3 now follows. Corrected Text -------------- Since it was released in 1996, the SSLv3 protocol [RFC6101] has been subject to a long series of attacks, both on its key exchange mechanism and on the encryption schemes it supports. Despite being replaced by TLS 1.0 [RFC2246] in 1999, and subsequently TLS 1.1 in 2006 [RFC4346] and 1.2 in 2008 [RFC5246], availability of these replacement versions has not been universal. As a result, many implementations of TLS have permitted the negotiation of SSLv3. The predecessor of SSLv3, SSL version 2, is no longer considered sufficiently secure [RFC6176]. SSLv3 now follows. Notes ----- TLS 1.1 was first drafted in 2002, but not published until 2006. Similarly, TLS 1.2 was drafted in 2006, but not published until 2008. Instructions: ------------- This erratum is currently posted as "Reported". If necessary, please use "Reply All" to discuss whether it should be verified or rejected. When a decision is reached, the verifying party (IESG) can log in to change the status and edit the report, if necessary. -------------------------------------- RFC7568 (draft-ietf-tls-sslv3-diediedie-03) -------------------------------------- Title : Deprecating Secure Sockets Layer Version 3.0 Publication Date : June 2015 Author(s) : R. Barnes, M. Thomson, A. Pironti, A. Langley Category : PROPOSED STANDARD Source : Transport Layer Security Area : Security Stream : IETF Verifying Party : IESG _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
