The IESG has approved the following document: - 'Deprecating MD5 and SHA-1 signature hashes in (D)TLS 1.2' (draft-ietf-tls-md5-sha1-deprecate-09.txt) as Proposed Standard
This document is the product of the Transport Layer Security Working Group. The IESG contact persons are Benjamin Kaduk and Roman Danyliw. A URL of this Internet Draft is: https://datatracker.ietf.org/doc/draft-ietf-tls-md5-sha1-deprecate/ Technical Summary The MD5 and SHA-1 hashing algorithms are increasingly vulnerable to attack and this document deprecates their use in TLS 1.2 digital signatures. However, this document does not deprecate SHA-1 in HMAC for record protection. This document updates RFC 5246. Working Group Summary * There is strong support in the working group for this document. Primary items during WGLC was around the consistency of the normative language. * Discussion from AD Review and IETC LC saw the streamlining of the update guidance to RFC5246 and dropping an formal update to RFC7525 (as it is being revised). Document Quality * There was review from the WG, comments from the IETF LC and Directorates (in particular IoTDIR) were addressed. Personnel Document Shepherd = Sean Turner Responsible AD = Roman Danyliw _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
