This is great news. Thanks for helping make it happen! -Ekr
On Fri, Mar 6, 2020 at 4:03 PM John Mattsson <john.mattsson= 40ericsson....@dmarc.ietf.org> wrote: > Hi, > > I am happy to report that 3GPP just took the decision to forbid support of > MD5 and SHA-1, as well as all non-AEAD and non-PFS cipher suites in TLS. > The changes apply to all Rel-16 3GPP systems that use TLS and DTLS, which > are quite many. > > 3GPP had already mandaded support of TLS 1.3, forbidden support of TLS > 1.1, and mandated minimum key lengths of 2048 for RSA/FFDH and 255 for ECC. > 3GPP will likely mandate support of DTLS 1.3 soon after it has been > published. > > I hope this inspire other organisations to do the same. > > The changes [2][3] were approved today and an updated complete version of > the new 3GPP TLS profile can be found here [1]. Any comments or suggestions > on the 3GPP TLS profile are very welcome. > > Cheers, > John > > > [1] > https://github.com/EricssonResearch/CBOR-certificates/raw/master/3GPP%20TLS%20Profile%206%20march%202020.pdf > > [2] > http://www.3gpp.org/ftp/TSG_SA/WG3_Security/TSGS3_98e/Docs/S3-200332.zip > > [3] > https://www.3gpp.org/ftp/tsg_sa/WG3_Security/TSGS3_98e/Inbox/Drafts/draft_S3-200333-r1.doc > > _______________________________________________ > TLS mailing list > TLS@ietf.org > https://www.ietf.org/mailman/listinfo/tls >
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
