[prev in list] [next in list] [prev in thread] [next in thread] 

List:       ietf-tls
Subject:    Re: [TLS] Last Call: <draft-ietf-tls-md5-sha1-deprecate-04.txt> (Deprecating MD5 and SHA-1 signature
From:       tom petch <daedulus () btconnect ! com>
Date:       2020-10-16 8:56:34
Message-ID: 5F896042.6090804 () btconnect ! com
[Download RAW message or body]

I think that the first sentence could be improved.

'The MD5 and SHA-1 hashing algorithms are steadily weakening ...' sounds 
as if they are under attack from electrolytic corrosion or the 
death-watch beatle.

I suggest
NEW
'The MD5 and SHA-1 hashing algorithms are increasingly vulnerable to 
attack and this document deprecates their use in TLS 1.2 digital 
signatures.'

And

/This draft/This document/

Tom Petch

On 14/10/2020 19:40, The IESG wrote:
>
> The IESG has received a request from the Transport Layer Security WG (tls) to
> consider the following document: - 'Deprecating MD5 and SHA-1 signature
> hashes in TLS 1.2'
>    <draft-ietf-tls-md5-sha1-deprecate-04.txt> as Proposed Standard
>
> The IESG plans to make a decision in the next few weeks, and solicits final
> comments on this action. Please send substantive comments to the
> last-call@ietf.org mailing lists by 2020-10-28. Exceptionally, comments may
> be sent to iesg@ietf.org instead. In either case, please retain the beginning
> of the Subject line to allow automated sorting.
>
> Abstract
>
>
>     The MD5 and SHA-1 hashing algorithms are steadily weakening in
>     strength and their deprecation process should begin for their use in
>     TLS 1.2 digital signatures.  However, this document does not
>     deprecate SHA-1 in HMAC for record protection.  This document updates
>     RFC 5246 and RFC 7525.
>
>
>
>
> The file can be obtained via
> https://datatracker.ietf.org/doc/draft-ietf-tls-md5-sha1-deprecate/
>
>
>
> No IPR declarations have been submitted directly on this I-D.
>
>
>
>
>
> _______________________________________________
> IETF-Announce mailing list
> IETF-Announce@ietf.org
> https://www.ietf.org/mailman/listinfo/ietf-announce
> .
>

_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
[prev in list] [next in list] [prev in thread] [next in thread]

Configure | About | News | Add a list | Sponsored by KoreLogic