The following errata report has been rejected for RFC5246, "The Transport Layer Security (TLS) Protocol Version 1.2".
-------------------------------------- You may review the report below and at: https://www.rfc-editor.org/errata/eid6572 -------------------------------------- Status: Rejected Type: Technical Reported by: Johannes Görlich <johannes.goerl...@siemens.com> Date Reported: 2021-05-05 Rejected by: Paul Wouters (IESG) Section: 9 Original Text ------------- In the absence of an application profile standard specifying otherwise, a TLS-compliant application MUST implement the cipher suite TLS_RSA_WITH_AES_128_CBC_SHA (see Appendix A.5 for the definition). Corrected Text -------------- In the absence of an application profile standard specifying otherwise, a TLS-compliant application MUST implement the cipher suite TLS_RSA_WITH_AES_128_GCM_SHA256 (see Appendix A.5 for the definition). Notes ----- A must-be-implement cipher suite should not relay on a bulk encryption algorithm which is vulnerable to plain-text attacks or on a secure hash algorithm which has been proven to be insecure. --VERIFIER NOTES-- errata is not the right process for a change such as proposed. See also: https://mailarchive.ietf.org/arch/msg/tls/2mKIkvRoQNMEMkT04JAqBifEJSo/ -------------------------------------- RFC5246 (draft-ietf-tls-rfc4346-bis-10) -------------------------------------- Title : The Transport Layer Security (TLS) Protocol Version 1.2 Publication Date : August 2008 Author(s) : T. Dierks, E. Rescorla Category : PROPOSED STANDARD Source : Transport Layer Security Stream : IETF Verifying Party : IESG _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
