attachment
<div dir="ltr"><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">---------- Forwarded message ---------<br>From: <b class="gmail_sendername" dir="auto">The IESG</b> <span dir="auto"><<a href="mailto:iesg-secretary@ietf.org">iesg-secretary@ietf.org</a>></span><br>Date: Wed, Oct 14, 2020 at 2:40 PM<br>Subject: [TLS] Last Call: <draft-ietf-tls-md5-sha1-deprecate-04.txt> (Deprecating MD5 and SHA-1 signature hashes in TLS 1.2) to Proposed Standard<br>To: IETF-Announce <<a href="mailto:ietf-announce@ietf.org">ietf-announce@ietf.org</a>><br>Cc: <<a href="mailto:tls-chairs@ietf.org">tls-chairs@ietf.org</a>>, <<a href="mailto:tls@ietf.org">tls@ietf.org</a>>, <<a href="mailto:draft-ietf-tls-md5-sha1-deprecate@ietf.org">draft-ietf-tls-md5-sha1-deprecate@ietf.org</a>><br></div><br><br><br>
The IESG has received a request from the Transport Layer Security WG (tls) to<br>
consider the following document: - 'Deprecating MD5 and SHA-1 signature<br>
hashes in TLS 1.2'<br>
<draft-ietf-tls-md5-sha1-deprecate-04.txt> as Proposed Standard<br>
<br>
The IESG plans to make a decision in the next few weeks, and solicits final<br>
comments on this action. Please send substantive comments to the<br>
<a href="mailto:last-call@ietf.org" target="_blank">last-call@ietf.org</a> mailing lists by 2020-10-28. Exceptionally, comments may<br>
be sent to <a href="mailto:iesg@ietf.org" target="_blank">iesg@ietf.org</a> instead. In either case, please retain the beginning<br>
of the Subject line to allow automated sorting.<br>
<br>
Abstract<br>
<br>
<br>
The MD5 and SHA-1 hashing algorithms are steadily weakening in<br>
strength and their deprecation process should begin for their use in<br>
TLS 1.2 digital signatures. However, this document does not<br>
deprecate SHA-1 in HMAC for record protection. This document updates<br>
RFC 5246 and RFC 7525.<br>
<br>
<br>
<br>
<br>
The file can be obtained via<br>
<a href="https://datatracker.ietf.org/doc/draft-ietf-tls-md5-sha1-deprecate/" rel="noreferrer" target="_blank">https://datatracker.ietf.org/doc/draft-ietf-tls-md5-sha1-deprecate/</a><br>
<br>
<br>
<br>
No IPR declarations have been submitted directly on this I-D.<br>
<br>
<br>
<br>
<br>
<br>
_______________________________________________<br>
TLS mailing list<br>
<a href="mailto:TLS@ietf.org" target="_blank">TLS@ietf.org</a><br>
<a href="https://www.ietf.org/mailman/listinfo/tls" rel="noreferrer" target="_blank">https://www.ietf.org/mailman/listinfo/tls</a><br>
</div></div>