Technical Summary
The MD5 and SHA-1 hashing algorithms are increasingly vulnerable to
attack and this document deprecates their use in TLS 1.2 digital
signatures. However, this document does not deprecate SHA-1 in HMAC
for record protection. This document updates RFC 5246.
Working Group Summary
* There is strong support in the working group for this document. Primary items during WGLC was around the consistency of the normative language.
* Discussion from AD Review and IETC LC saw the streamlining of the update guidance to RFC5246 and dropping an formal update to RFC7525 (as it is being revised).
Document Quality
* There was review from the WG, comments from the IETF LC and Directorates (in particular IoTDIR) were addressed.
Personnel
Document Shepherd = Sean Turner
Responsible AD = Roman Danyliw