< draft-ietf-tls-sslv3-diediedie-01.txt		draft-ietf-tls-sslv3-diediedie-02.txt >
	skipping to change at page 1, line 13 ¶		skipping to change at page 1, line 13 ¶
	Network Working Group R. Barnes		Network Working Group R. Barnes
	Internet-Draft M. Thomson		Internet-Draft M. Thomson
	Updates: 5246 (if approved) Mozilla		Updates: 5246 (if approved) Mozilla
	Intended status: Standards Track A. Pironti		Intended status: Standards Track A. Pironti
	Expires: September 2, 2015 INRIA		Expires: September 2, 2015 INRIA
	A. Langley		A. Langley
	Google		Google
	March 1, 2015		March 1, 2015
	Deprecating Secure Sockets Layer Version 3.0		Deprecating Secure Sockets Layer Version 3.0
	draft-ietf-tls-sslv3-diediedie-01		draft-ietf-tls-sslv3-diediedie-02
	Abstract		Abstract
	Secure Sockets Layer version 3.0 (SSLv3) [RFC6101] is no longer		Secure Sockets Layer version 3.0 (SSLv3) is no longer secure. This
	secure. This document requires that SSLv3 not be used. The		document requires that SSLv3 not be used. The replacement versions,
	replacement versions, in particular Transport Layer Security (TLS)		in particular Transport Layer Security (TLS) 1.2, are considerably
	1.2 [RFC5246], are considerably more secure and capable protocols.		more secure and capable protocols.
	This document updates the backward compatibility sections of the TLS		This document updates the backward compatibility sections of the TLS
	RFCs to prohibit fallback to SSLv3.		RFCs to prohibit fallback to SSLv3.
	Status of This Memo		Status of This Memo
	This Internet-Draft is submitted in full conformance with the		This Internet-Draft is submitted in full conformance with the
	provisions of BCP 78 and BCP 79.		provisions of BCP 78 and BCP 79.
	Internet-Drafts are working documents of the Internet Engineering		Internet-Drafts are working documents of the Internet Engineering
	skipping to change at page 2, line 37 ¶		skipping to change at page 2, line 37 ¶
	1. Introduction		1. Introduction
	The SSLv3 protocol has been subject to a long series of attacks, both		The SSLv3 protocol has been subject to a long series of attacks, both
	on its key exchange mechanism and on the encryption schemes it		on its key exchange mechanism and on the encryption schemes it
	supports since it was released in 1996. Despite being replaced by		supports since it was released in 1996. Despite being replaced by
	TLS 1.0 [RFC2246] in 1999, and subsequently TLS 1.1 in 2002 [RFC4346]		TLS 1.0 [RFC2246] in 1999, and subsequently TLS 1.1 in 2002 [RFC4346]
	and 1.2 in 2006 [RFC5246], availability of these replacement versions		and 1.2 in 2006 [RFC5246], availability of these replacement versions
	has not been universal. As a result, many implementations of TLS		has not been universal. As a result, many implementations of TLS
	have permitted the negotiation of SSLv3.		have permitted the negotiation of SSLv3.
	The predecessor of SSLv3, SSL version 2, is no longer considered		The predecessor of SSLv3, SSL version 2 [RFC6101], is no longer
	secure [RFC6176]. SSLv3 now follows.		considered secure [RFC6176]. SSLv3 now follows.
	2. Do Not Use SSL Version 3.0		2. Do Not Use SSL Version 3.0
	SSLv3 MUST NOT be used [RFC2119]. Negotiation of SSLv3 from any		SSLv3 MUST NOT be used [RFC2119]. Negotiation of SSLv3 from any
	version of TLS MUST NOT be permitted.		version of TLS MUST NOT be permitted.
	Any version of TLS is more secure than SSLv3, though the highest		Any version of TLS is more secure than SSLv3, though the highest
	version available is preferable.		version available is preferable.
	Pragmatically, clients MUST NOT send a ClientHello with		Pragmatically, clients MUST NOT send a ClientHello with
End of changes. 3 change blocks.
	7 lines changed or deleted		7 lines changed or added
This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/