Dismiss
InnovationQ will be updated on Sunday, Oct. 22, from 10am ET - noon. You may experience brief service interruptions during that time.
Browse Prior Art Database

Recommendations for Secure Use of Transport Layer Security (TLS) and Datagram Transport Layer Security (DTLS) (RFC7525)

IP.com Disclosure Number: IPCOM000241480D
Original Publication Date: 2015-May-01
Included in the Prior Art Database: 2015-May-05
Document File: 54 page(s) / 60K

Publishing Venue

Internet Society Requests For Comment (RFCs)

Related People

Y. Sheffer: AUTHOR [+3]

Abstract

Transport Layer Security (TLS) [RFC5246] and Datagram Transport Security Layer (DTLS) [RFC6347] are widely used to protect data exchanged over application protocols such as HTTP, SMTP, IMAP, POP, SIP, and XMPP. Over the last few years, several serious attacks on TLS have emerged, including attacks on its most commonly used cipher suites and their modes of operation. For instance, both the AES-CBC [RFC3602] and RC4 [RFC7465] encryption algorithms, which together have been the most widely deployed ciphers, have been attacked in the context of TLS. A companion document [RFC7457] provides detailed information about these attacks and will help the reader understand the rationale behind the recommendations provided here.

This text was extracted from an ASCII text file.
This is the abbreviated version, containing approximately 5% of the total text.

Internet Engineering Task Force (IETF)                        Y. Sheffer Request for Comments: 7525                                        Intuit BCP: 195                                                         R. Holz Category: Best Current Practice                                    NICTA ISSN: 2070-1721                                           P. Saint-Andre                                                                     &yet                                                                 May 2015

     Recommendations for Secure Use of Transport Layer Security (TLS)               and Datagram Transport Layer Security (DTLS)

Abstract

   Transport Layer Security (TLS) and Datagram Transport Layer Security    (DTLS) are widely used to protect data exchanged over application    protocols such as HTTP, SMTP, IMAP, POP, SIP, and XMPP.  Over the    last few years, several serious attacks on TLS have emerged,    including attacks on its most commonly used cipher suites and their    modes of operation.  This document provides recommendations for    improving the security of deployed services that use TLS and DTLS.    The recommendations are applicable to the majority of use cases.

Status of This Memo

   This memo documents an Internet Best Current Practice.

   This document is a product of the Internet Engineering Task Force    (IETF).  It represents the consensus of the IETF community.  It has    received public review and has been approved for publication by the    Internet Engineering Steering Group (IESG).  Further information on    BCPs is available in Section 2 of RFC 5741.

   Information about the current status of this document, any errata,    and how to provide feedback on it may be obtained at    http://www.rfc-editor.org/info/rfc7525.

Sheffer, et al.           Best Current Practice                 [Page 1]
 RFC 7525                   TLS Recommendations                  May 2015

 Copyright Notice

   Copyright (c) 2015 IETF Trust and the persons identified as the    document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal    Provisions Relating to IETF Documents    (http://trustee.ietf.org/license-info) in effect on the date of    publication of this document.  Please review these documents    carefully, as they describe your rights and restrictions with respect    to this document.  Code Components extracted from this document must    include Simplified BSD License text as described in Section 4.e of   ...