Summarizing Known Attacks on Transport Layer Security (TLS) and Datagram TLS (DTLS)
Draft of message to be sent after approval:
From: The IESG <email@example.com> To: IETF-Announce <firstname.lastname@example.org> Cc: RFC Editor <email@example.com>, uta mailing list <firstname.lastname@example.org>, uta chair <email@example.com> Subject: Document Action: 'Summarizing Known Attacks on TLS and DTLS' to Informational RFC (draft-ietf-uta-tls-attacks-05.txt) The IESG has approved the following document: - 'Summarizing Known Attacks on TLS and DTLS' (draft-ietf-uta-tls-attacks-05.txt) as Informational RFC This document is the product of the Using TLS in Applications Working Group. The IESG contact persons are Pete Resnick and Barry Leiba. A URL of this Internet Draft is: http://datatracker.ietf.org/doc/draft-ietf-uta-tls-attacks/
Technical Summary Over the last few years there have been several serious attacks on TLS, including attacks on its most commonly used ciphers and modes of operation. This document summarizes these attacks, with the goal of motivating generic and protocol-specific recommendations on the usage of TLS and DTLS. Working Group Summary The document has received extensive review on the uta list by several reviewers (not just the usual suspects). There have been a few near-miss consensus, but they were all resolved to the satisfaction of all involved. Document Quality Most of the reviewers / active participants have ties to information security or TLS specifically. Additional review in the secdir group should probably try to find a person with another perspective. Personnel Leif Johansson is the shepherd. Pete Resnick is the responsible AD.