I think that the first sentence could be improved.
'The MD5 and SHA-1 hashing algorithms are steadily weakening ...' sounds
as if they are under attack from electrolytic corrosion or the
death-watch beatle.
I suggest
NEW
'The MD5 and SHA-1 hashing algorithms are increasingly vulnerable to
attack and this document deprecates their use in TLS 1.2 digital
signatures.'
And
/This draft/This document/
Tom Petch
On 14/10/2020 19:40, The IESG wrote:
The IESG has received a request from the Transport Layer Security WG (tls) to
consider the following document: - 'Deprecating MD5 and SHA-1 signature
hashes in TLS 1.2'
<draft-ietf-tls-md5-sha1-deprecate-04.txt> as Proposed Standard
The IESG plans to make a decision in the next few weeks, and solicits final
comments on this action. Please send substantive comments to the
last-call@xxxxxxxx mailing lists by 2020-10-28. Exceptionally, comments may
be sent to iesg@xxxxxxxx instead. In either case, please retain the beginning
of the Subject line to allow automated sorting.
Abstract
The MD5 and SHA-1 hashing algorithms are steadily weakening in
strength and their deprecation process should begin for their use in
TLS 1.2 digital signatures. However, this document does not
deprecate SHA-1 in HMAC for record protection. This document updates
RFC 5246 and RFC 7525.
The file can be obtained via
https://datatracker.ietf.org/doc/draft-ietf-tls-md5-sha1-deprecate/
No IPR declarations have been submitted directly on this I-D.
_______________________________________________
IETF-Announce mailing list
IETF-Announce@xxxxxxxx
https://www.ietf.org/mailman/listinfo/ietf-announce
.
--
last-call mailing list
last-call@xxxxxxxx
https://www.ietf.org/mailman/listinfo/last-call
