[Uta] BCP 195, RFC 9325 on Recommendations for Secure Use of Transport Layer Security (TLS) and Datagram Transport Layer Security (DTLS)

Wed, 30 Nov 2022 06:08:47 -0800 

A new Request for Comments is now available in online RFC libraries.

        BCP 195        
        RFC 9325

        Title:      Recommendations for Secure Use of 
                    Transport Layer Security (TLS) and Datagram 
                    Transport Layer Security (DTLS) 
        Author:     Y. Sheffer,
                    P. Saint-Andre,
                    T. Fossati
        Status:     Best Current Practice
        Stream:     IETF
        Date:       November 2022
        Mailbox:    yaronf.i...@gmail.com,
                    stpe...@stpeter.im,
                    thomas.foss...@arm.com
        Pages:      34
        Obsoletes:  RFC 7525
        Updates:    RFC 5288, RFC 6066
        See Also:   BCP 195

        I-D Tag:    draft-ietf-uta-rfc7525bis-11.txt

        URL:        https://www.rfc-editor.org/info/rfc9325

        DOI:        10.17487/RFC9325

Transport Layer Security (TLS) and Datagram Transport Layer Security
(DTLS) are used to protect data exchanged over a wide range of
application protocols and can also form the basis for secure
transport protocols.  Over the years, the industry has witnessed
several serious attacks on TLS and DTLS, including attacks on the
most commonly used cipher suites and their modes of operation.  This
document provides the latest recommendations for ensuring the
security of deployed services that use TLS and DTLS. These
recommendations are applicable to the majority of use cases.

RFC 7525, an earlier version of the TLS recommendations, was
published when the industry was transitioning to TLS 1.2. Years
later, this transition is largely complete, and TLS 1.3 is widely
available. This document updates the guidance given the new
environment and obsoletes RFC 7525. In addition, this document
updates RFCs 5288 and 6066 in view of recent attacks.

This document is a product of the Using TLS in Applications Working Group of 
the IETF.


BCP: This document specifies an Internet Best Current Practices for the
Internet Community, and requests discussion and suggestions for 
improvements. Distribution of this memo is unlimited.

This announcement is sent to the IETF-Announce and rfc-dist lists.
To subscribe or unsubscribe, see
  https://www.ietf.org/mailman/listinfo/ietf-announce
  https://mailman.rfc-editor.org/mailman/listinfo/rfc-dist

For searching the RFC series, see https://www.rfc-editor.org/search
For downloading RFCs, see https://www.rfc-editor.org/retrieve/bulk

Requests for special distribution should be addressed to either the
author of the RFC in question, or to rfc-edi...@rfc-editor.org.  Unless
specifically noted otherwise on the RFC itself, all RFCs are for
unlimited distribution.


The RFC Editor Team
Association Management Solutions, LLC


_______________________________________________
Uta mailing list
Uta@ietf.org
https://www.ietf.org/mailman/listinfo/uta

Reply via email to