Hi Johannes,

TLS 1.2 has been obsoleted by TLS 1.3. Prior to this, other specifications have profiled the algorithm choice (see RFC 7525 and RFC 7925).

Ciao
Hannes

-----Original Message-----
From: TLS <tls-boun...@ietf.org> On Behalf Of RFC Errata System
Sent: Wednesday, May 5, 2021 12:21 PM
To: t...@dierks.org; e...@rtfm.com; r...@cert.org; ka...@mit.edu; c...@heapingbits.net; j...@salowey.net; sean+i...@sn3rd.com
Cc: rfc-edi...@rfc-editor.org; tls@ietf.org; johannes.goerl...@siemens.com
Subject: [TLS] [Technical Errata Reported] RFC5246 (6572)

The following errata report has been submitted for RFC5246, "The Transport Layer Security (TLS) Protocol Version 1.2".

--------------------------------------
You may review the report below and at:
https://www.rfc-editor.org/errata/eid6572

--------------------------------------
Type: Technical
Reported by: Johannes Görlich <johannes.goerl...@siemens.com>

Section: 9

Original Text
-------------
In the absence of an application profile standard specifying otherwise, a TLS-compliant application MUST implement the cipher suite TLS_RSA_WITH_AES_128_CBC_SHA (see Appendix A.5 for the definition).

Corrected Text
--------------
In the absence of an application profile standard specifying otherwise, a TLS-compliant application MUST implement the cipher suite TLS_RSA_WITH_AES_128_GCM_SHA256 (see Appendix A.5 for the definition).

Notes
-----
A must-be-implement cipher suite should not rely on a bulk encryption algorithm which is vulnerable to plain-text attacks or on a secure hash algorithm which has been proven to be insecure.

Instructions:
-------------
This erratum is currently posted as "Reported". If necessary, please use "Reply All" to discuss whether it should be verified or rejected. When a decision is reached, the verifying party can log in to change the status and edit the report, if necessary.

--------------------------------------
RFC5246 (draft-ietf-tls-rfc4346-bis-10)
--------------------------------------
Title            : The Transport Layer Security (TLS) Protocol Version 1.2
Publication Date : August 2008
Author(s)        : T. Dierks, E. Rescorla
Category         : PROPOSED STANDARD
Source           : Transport Layer Security
Area             : Security
Stream           : IETF
Verifying Party  : IESG

_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls