Prohibiting Secure Sockets Layer (SSL) Version 2.0
draft-ietf-tls-ssl2-must-not-04
Revision differences
Document history
Date | Rev. | By | Action |
---|---|---|---|
2012-08-22
|
04 | (System) | post-migration administrative database adjustment to the No Objection position for Adrian Farrel |
2010-12-21
|
04 | Amy Vezza | State changed to RFC Ed Queue from Approved-announcement sent. |
2010-12-20
|
04 | (System) | IANA Action state changed to No IC from In Progress |
2010-12-20
|
04 | (System) | IANA Action state changed to In Progress |
2010-12-20
|
04 | Amy Vezza | IESG state changed to Approved-announcement sent |
2010-12-20
|
04 | Amy Vezza | IESG has approved the document |
2010-12-20
|
04 | Amy Vezza | Closed "Approve" ballot |
2010-12-20
|
04 | Amy Vezza | Approval announcement text regenerated |
2010-12-18
|
04 | Alexey Melnikov | Ballot writeup text changed |
2010-12-17
|
04 | (System) | New version available: draft-ietf-tls-ssl2-must-not-04.txt |
2010-12-17
|
04 | (System) | Removed from agenda for telechat - 2010-12-16 |
2010-12-16
|
04 | Samuel Weiler | Request for Last Call review by SECDIR Completed. Reviewer: Kathleen Moriarty. |
2010-12-16
|
04 | Amy Vezza | State changed to Approved-announcement to be sent::Point Raised - writeup needed from IESG Evaluation. |
2010-12-16
|
04 | Dan Romascanu | [Ballot Position Update] New position, No Objection, has been recorded |
2010-12-16
|
04 | Lars Eggert | [Ballot Position Update] New position, Yes, has been recorded |
2010-12-16
|
04 | Gonzalo Camarillo | [Ballot Position Update] New position, No Objection, has been recorded |
2010-12-16
|
04 | Jari Arkko | [Ballot Position Update] New position, Yes, has been recorded by Jari Arkko |
2010-12-15
|
04 | Adrian Farrel | [Ballot Position Update] Position for Adrian Farrel has been changed to No Objection from Discuss |
2010-12-15
|
04 | Alexey Melnikov | Ballot writeup text changed |
2010-12-15
|
04 | Alexey Melnikov | Ballot writeup text changed |
2010-12-15
|
04 | Russ Housley | [Ballot Position Update] New position, No Objection, has been recorded |
2010-12-15
|
04 | Alexey Melnikov | State changed to IESG Evaluation from Waiting for AD Go-Ahead. |
2010-12-15
|
04 | (System) | State changed to Waiting for AD Go-Ahead from In Last Call. |
2010-12-14
|
04 | Ralph Droms | [Ballot Position Update] New position, No Objection, has been recorded |
2010-12-14
|
04 | Robert Sparks | [Ballot Position Update] New position, No Objection, has been recorded |
2010-12-14
|
04 | David Harrington | [Ballot Position Update] New position, No Objection, has been recorded |
2010-12-13
|
04 | Ron Bonica | [Ballot Position Update] New position, No Objection, has been recorded |
2010-12-13
|
04 | Stewart Bryant | [Ballot comment] Adrian has an interesting point. |
2010-12-13
|
04 | Stewart Bryant | [Ballot Position Update] New position, No Objection, has been recorded |
2010-12-13
|
04 | Adrian Farrel | [Ballot comment] however, this version does not provide the expected level of security. I think it provided exactly the "expected" level of security. Maybe … [Ballot comment] however, this version does not provide the expected level of security. I think it provided exactly the "expected" level of security. Maybe you mean "does not provide a sufficiently high level of security." |
2010-12-13
|
04 | Adrian Farrel | [Ballot discuss] Such a tiny, but perfectly formed draft. A quick point for discussion (added here simply to demonstrate that I don't understand the field)... … [Ballot discuss] Such a tiny, but perfectly formed draft. A quick point for discussion (added here simply to demonstrate that I don't understand the field)... it requires TLS clients and servers never negotiate the use of SSL version 2.0 Suppose I have a legacy client that supports only SSL2 or nothing. Does this document require that a serve should prefer no security over the use of SSL2? |
2010-12-13
|
04 | Adrian Farrel | [Ballot Position Update] New position, Discuss, has been recorded |
2010-12-11
|
04 | Alexey Melnikov | Ballot has been issued |
2010-12-03
|
04 | Samuel Weiler | Request for Last Call review by SECDIR is assigned to Kathleen Moriarty |
2010-12-03
|
04 | Samuel Weiler | Request for Last Call review by SECDIR is assigned to Kathleen Moriarty |
2010-12-02
|
04 | Amanda Baber | We understand that this document does not require any IANA actions. |
2010-12-02
|
04 | Sean Turner | [Ballot Position Update] New position, Recuse, has been recorded |
2010-12-02
|
04 | Tim Polk | [Ballot Position Update] New position, Recuse, has been recorded |
2010-12-01
|
04 | Peter Saint-Andre | [Ballot Position Update] New position, Yes, has been recorded |
2010-12-01
|
04 | Amy Vezza | Last call sent |
2010-12-01
|
04 | Amy Vezza | State changed to In Last Call from Last Call Requested. The following Last Call Announcement was sent out: From: The IESG To: IETF-Announce CC: Reply-To: … State changed to In Last Call from Last Call Requested. The following Last Call Announcement was sent out: From: The IESG To: IETF-Announce CC: Reply-To: ietf@ietf.org Subject: Last Call: (Prohibiting SSL Version 2.0) to Proposed Standard The IESG has received a request from the Transport Layer Security WG (tls) to consider the following document: - 'Prohibiting SSL Version 2.0' as a Proposed Standard The IESG plans to make a decision in the next few weeks, and solicits final comments on this action. Please send substantive comments to the ietf@ietf.org mailing lists by 2010-12-15. Exceptionally, comments may be sent to iesg@ietf.org instead. In either case, please retain the beginning of the Subject line to allow automated sorting. The file can be obtained via http://datatracker.ietf.org/doc/draft-ietf-tls-ssl2-must-not/ IESG discussion can be tracked via http://datatracker.ietf.org/doc/draft-ietf-tls-ssl2-must-not/ |
2010-12-01
|
04 | Alexey Melnikov | Placed on agenda for telechat - 2010-12-16 |
2010-12-01
|
04 | Alexey Melnikov | [Ballot Position Update] New position, Yes, has been recorded for Alexey Melnikov |
2010-12-01
|
04 | Alexey Melnikov | Ballot has been issued |
2010-12-01
|
04 | Alexey Melnikov | Created "Approve" ballot |
2010-12-01
|
04 | Alexey Melnikov | Last Call was requested |
2010-12-01
|
04 | Alexey Melnikov | State changed to Last Call Requested from AD Evaluation. |
2010-12-01
|
04 | (System) | Ballot writeup text was added |
2010-12-01
|
04 | (System) | Last call text was added |
2010-12-01
|
04 | (System) | Ballot approval text was added |
2010-12-01
|
04 | Alexey Melnikov | State changed to AD Evaluation from Publication Requested. |
2010-11-30
|
04 | Cindy Morgan | State changed to Publication Requested from AD is watching. |
2010-11-30
|
04 | Cindy Morgan | (1.a) Who is the Document Shepherd for this document? Has the Document Shepherd personally reviewed this version of the document and, in particular, does he … (1.a) Who is the Document Shepherd for this document? Has the Document Shepherd personally reviewed this version of the document and, in particular, does he or she believe this version is ready for forwarding to the IESG for publication? The Shepherd for this document is Joe Salowey. This document is ready for forwarding to the IESG for publication. (1.b) Has the document had adequate review both from key WG members and from key non-WG members? Does the Document Shepherd have any concerns about the depth or breadth of the reviews that have been performed? This document received review from key WG members. (1.c) Does the Document Shepherd have concerns that the document needs more review from a particular or broader perspective, e.g., security, operational complexity, someone familiar with AAA, internationalization, or XML? There are no concerns. (1.d) Does the Document Shepherd have any specific concerns or issues with this document that the Responsible Area Director and/or the IESG should be aware of? For example, perhaps he or she is uncomfortable with certain parts of the document, or has concerns whether there really is a need for it. In any event, if the WG has discussed those issues and has indicated that it still wishes to advance the document, detail those concerns here. Has an IPR disclosure related to this document been filed? If so, please include a reference to the disclosure and summarize the WG discussion and conclusion on this issue. There are no concerns. No IPR disclosure has been submitted. (1.e) How solid is the WG consensus behind this document? Does it represent the strong concurrence of a few individuals, with others being silent, or does the WG as a whole understand and agree with it? The WG consensus is solid. There were 6 (8 if you include the authors) emails supporting publication. There were none opposed to progressing the document. (1.f) Has anyone threatened an appeal or otherwise indicated extreme discontent? If so, please summarize the areas of conflict in separate email messages to the Responsible Area Director. (It should be in a separate email because this questionnaire is entered into the ID Tracker.) There has been no threat of appeal. (1.g) Has the Document Shepherd personally verified that the document satisfies all ID nits? (See http://www.ietf.org/ID-Checklist.html and http://tools.ietf.org/tools/idnits/.) Boilerplate checks are not enough; this check needs to be thorough. Has the document met all formal review criteria it needs to, such as the MIB Doctor, media type, and URI type reviews? If the document does not already indicate its intended status at the top of the first page, please indicate the intended status here. The Shepherd has verified that the document satisfies all ID nits. (1.h) Has the document split its references into normative and informative? Are there normative references to documents that are not ready for advancement or are otherwise in an unclear state? If such normative references exist, what is the strategy for their completion? Are there normative references that are downward references, as described in [RFC3967]? If so, list these downward references to support the Area Director in the Last Call procedure for them [RFC3967]. The document splits its references into normative and informative. There are no normative references to documents that are not ready for advancement or are otherwise in an unclear state. There are no normative references that are downward references. (1.i) Has the Document Shepherd verified that the document's IANA Considerations section exists and is consistent with the body of the document? If the document specifies protocol extensions, are reservations requested in appropriate IANA registries? Are the IANA registries clearly identified? If the document creates a new registry, does it define the proposed initial contents of the registry and an allocation procedure for future registrations? Does it suggest a reasonable name for the new registry? See [RFC2434]. If the document describes an Expert Review process, has the Document Shepherd conferred with the Responsible Area Director so that the IESG can appoint the needed Expert during IESG Evaluation? The Shepherd has verified that the document's IANA Considerations section exists and is consistent with the body of the document. Note there are none. (1.j) Has the Document Shepherd verified that sections of the document that are written in a formal language, such as XML code, BNF rules, MIB definitions, etc., validate correctly in an automated checker? There is no formal language in this draft. (1.k) The IESG approval announcement includes a Document Announcement Write-Up. Please provide such a Document Announcement Write-Up. Recent examples can be found in the "Action" announcements for approved documents. The approval announcement contains the following sections: Technical Summary Relevant content can frequently be found in the abstract and/or introduction of the document. If not, this may be an indication that there are deficiencies in the abstract or introduction. This document requires that when TLS clients and servers establish connections that they never negotiate the use of Secure Sockets Layer (SSL) version 2.0. Working Group Summary Was there anything in the WG process that is worth noting? For example, was there controversy about particular points or were there decisions where the consensus was particularly rough? The draft was discussed on TLS WG mailing list and presented to the TLS WG at IETF 78. Initially, the draft (draft-turner-ssl-must-not) contained text that prohibited SSL 2.0 and 3.0 and provided guidance to use TLS 1.2. Based on SSL server implementation statistics provided by WG members (there's lots of SSL 3.0 implementations) and discussions that SSL 3.0 with its mixed SHA-1/MD5 KDF is still acceptable, the scope of the draft was significantly reduced to only prohibit negotiation of SSL 2.0. Document Quality Are there existing implementations of the protocol? Have a significant number of vendors indicated their plan to implement the specification? Are there any reviewers that merit special mention as having done a thorough review, e.g., one that resulted in important changes or a conclusion that the document had no substantive issues? If there was a MIB Doctor, Media Type, or other Expert Review, what was its course (briefly)? In the case of a Media Type Review, on what date was the request posted? SSL 2.0 has in fact already been removed from many implementations. The intent here is to formalize the retirement of SSL 2.0. Most of the changes were based on reviews from Paul Hoffman, Simon Josefsson, Marsh Ray, and Martin Rex. Other reviewers are noted in the acknowledgments section. Personnel Who is the Document Shepherd for this document? Who is the Responsible Area Director? If the document requires IANA experts(s), insert 'The IANA Expert(s) for the registries in this document are .' The document shepherd for this document is Joe Salowey . The responsible Area Director is Alexey Melnikov . |
2010-11-30
|
04 | Cindy Morgan | [Note]: 'Joe Salowey (jsalowey@cisco.com) is the document shepherd.' added |
2010-11-29
|
03 | (System) | New version available: draft-ietf-tls-ssl2-must-not-03.txt |
2010-10-11
|
02 | (System) | New version available: draft-ietf-tls-ssl2-must-not-02.txt |
2010-10-08
|
01 | (System) | New version available: draft-ietf-tls-ssl2-must-not-01.txt |
2010-08-26
|
04 | Alexey Melnikov | Draft Added by Alexey Melnikov in state AD is watching |
2010-08-25
|
00 | (System) | New version available: draft-ietf-tls-ssl2-must-not-00.txt |