Prohibiting Secure Sockets Layer (SSL) Version 2.0
Draft of message to be sent after approval:
From: The IESG <firstname.lastname@example.org>
To: IETF-Announce <email@example.com>
Cc: Internet Architecture Board <firstname.lastname@example.org>, RFC Editor <email@example.com>, tls mailing list <firstname.lastname@example.org>, tls chair <email@example.com>
Subject: Protocol Action: 'Prohibiting SSL Version 2.0' to Proposed Standard (draft-ietf-tls-ssl2-must-not-04.txt)

The IESG has approved the following document:

- 'Prohibiting SSL Version 2.0' (draft-ietf-tls-ssl2-must-not-04.txt) as a Proposed Standard

This document is the product of the Transport Layer Security Working Group.

The IESG contact persons are Alexey Melnikov and Tim Polk.

A URL of this Internet Draft is:
http://datatracker.ietf.org/doc/draft-ietf-tls-ssl2-must-not/
Technical Summary

This document requires that TLS clients and servers never negotiate the use of Secure Sockets Layer (SSL) version 2.0 when establishing connections.

Working Group Summary

The draft was discussed on the TLS WG mailing list and presented to the TLS WG at IETF 78. Initially, the draft (draft-turner-ssl-must-not) contained text that prohibited both SSL 2.0 and SSL 3.0 and provided guidance to use TLS 1.2. Based on SSL server implementation statistics provided by WG members (there are many SSL 3.0 deployments) and discussion concluding that SSL 3.0, with its mixed SHA-1/MD5 KDF, is still acceptable, the scope of the draft was significantly reduced to prohibit only the negotiation of SSL 2.0.

Document Quality

SSL 2.0 has in fact already been removed from many implementations. The intent here is to formalize the retirement of SSL 2.0. Most of the changes were based on reviews from Paul Hoffman, Simon Josefsson, Marsh Ray, and Martin Rex. Other reviewers are noted in the acknowledgments section.

Personnel

The document shepherd for this document is Joe Salowey <firstname.lastname@example.org>. The responsible Area Director is Alexey Melnikov <email@example.com>.
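The requirement above is stated in one sentence; what a server or passive monitor actually has to do is look at the client's opening message, work out the highest protocol version it asks for, and refuse when that version is below SSL 3.0. The following is an added example written for this page, not code from the draft or from any TLS implementation. It assumes the SSL 2.0 CLIENT-HELLO envelope (2-byte header with the high bit set, then message type, version, three length fields, cipher specs and challenge) and the TLS record/handshake layout as documented in RFC 5246 Section 6.2 and Appendix E.2; the helper names and the three sample messages are constructed here for illustration.

```python
# Added example (not from the draft): classify a client's opening hello and
# decide whether accepting it would mean negotiating SSL 2.0.
# Wire layouts assumed from RFC 5246 Section 6.2 and Appendix E.2.
import struct

SSL2_CLIENT_HELLO = 0x01   # SSL 2.0 message type
TLS_HANDSHAKE = 0x16       # TLS record ContentType
TLS_CLIENT_HELLO = 0x01    # TLS HandshakeType


def parse_hello(data: bytes) -> dict:
    """Return format, client_version and any SSL 2.0-only cipher kinds offered.

    Raises ValueError for anything that is not a recognisable client hello.
    """
    if len(data) < 5:
        raise ValueError("too short to be a client hello")
    if data[0] & 0x80:
        # SSL 2.0 record: 2-byte header, high bit set, low 15 bits = length.
        msg_len = ((data[0] & 0x7F) << 8) | data[1]
        body = data[2:2 + msg_len]
        if len(body) < 9 or body[0] != SSL2_CLIENT_HELLO:
            raise ValueError("not an SSL 2.0 CLIENT-HELLO")
        major, minor, cs_len, sid_len, ch_len = struct.unpack("!BBHHH", body[1:9])
        specs = body[9:9 + cs_len]
        if len(specs) != cs_len or cs_len % 3:
            raise ValueError("truncated or misaligned cipher specs")
        # V2CipherSpec is 3 bytes. TLS suites carried in this envelope are
        # encoded as 0x00 followed by the 2-byte suite; a non-zero first byte
        # marks an SSL 2.0-only cipher kind.
        ciphers = [specs[i:i + 3] for i in range(0, cs_len, 3)]
        return {
            "format": "ssl2",
            "client_version": (major, minor),
            "ssl2_only_ciphers": [c.hex() for c in ciphers if c[0] != 0],
        }
    if data[0] == TLS_HANDSHAKE:
        (rec_len,) = struct.unpack("!H", data[3:5])
        body = data[5:5 + rec_len]
        if len(body) < 6 or body[0] != TLS_CLIENT_HELLO:
            raise ValueError("not a TLS ClientHello")
        hs_len = int.from_bytes(body[1:4], "big")
        if len(body) - 4 < hs_len:
            raise ValueError("truncated handshake message")
        return {
            "format": "tls",
            "client_version": (body[4], body[5]),
            "ssl2_only_ciphers": [],
        }
    raise ValueError("unknown record type 0x%02x" % data[0])


def must_refuse(data: bytes) -> bool:
    """True when the client's highest offered version is below SSL 3.0.

    A server that answers such a hello could only do so with SSL 2.0, which
    the draft prohibits; refusing the connection is the only compliant option.
    """
    return parse_hello(data)["client_version"] < (3, 0)


# --- constructed sample messages (hypothetical, built here for the example) ---
def build_ssl2_hello(version, cipher_specs, challenge=b"\x00" * 16) -> bytes:
    specs = b"".join(cipher_specs)
    body = (bytes([SSL2_CLIENT_HELLO]) + bytes(version)
            + struct.pack("!HHH", len(specs), 0, len(challenge)) + specs + challenge)
    return struct.pack("!H", 0x8000 | len(body)) + body


def build_tls_hello(version, suites=(0x002F,)) -> bytes:
    # Minimal ClientHello: version, 32-byte random, empty session id,
    # cipher suites, null compression, no extensions.
    hello = bytes(version) + b"\x00" * 32 + b"\x00"
    hello += struct.pack("!H", 2 * len(suites)) + b"".join(struct.pack("!H", s) for s in suites)
    hello += b"\x01\x00"
    hs = bytes([TLS_CLIENT_HELLO]) + len(hello).to_bytes(3, "big") + hello
    return bytes([TLS_HANDSHAKE]) + bytes(version) + struct.pack("!H", len(hs)) + hs


LEGACY_SSL2 = build_ssl2_hello((0, 2), [b"\x01\x00\x80"])                    # SSL 2.0-only client
COMPAT_SSL2 = build_ssl2_hello((3, 1), [b"\x00\x00\x2f", b"\x01\x00\x80"])   # TLS 1.0 client, old envelope
TLS10 = build_tls_hello((3, 1))                                               # plain TLS 1.0 ClientHello

if __name__ == "__main__":
    for name, msg in (("legacy", LEGACY_SSL2), ("compat", COMPAT_SSL2), ("tls", TLS10)):
        print(name, parse_hello(msg), "refuse" if must_refuse(msg) else "accept")
```

Note that the decision is made on the version, not on the envelope: a client that still wraps its hello in the SSL 2.0-compatible format but asks for 3.1 can be answered with TLS 1.0 without negotiating SSL 2.0, whereas a client whose highest version is 2.0 cannot be served at all. The `ssl2_only_ciphers` field is informational; it is useful for logging which peers still advertise SSL 2.0 cipher kinds before they are cut off.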