UNLIMITED FREE ACCESS TO THE WORLD'S BEST IDEAS

SUBMIT
Already a GlobalSpec user? Log in.

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

Customize Your GlobalSpec Experience

Select Your Free Newsletters

Industry Newsletters

Select Your Free Product Alerts

Finish!
Privacy Policy

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

IETF - RFC 9155

Deprecating MD5 and SHA-1 Signature Hashes in TLS 1.2 and DTLS 1.2

active, Most Current
Organization: IETF
Publication Date: 1 December 2021
Status: active
Page Count: 5
scope:

Abstract

The MD5 and SHA-1 hashing algorithms are increasingly vulnerable to attack, and this document deprecates their use in TLS 1.2 and DTLS 1.2 digital signatures. However, this document does not deprecate SHA-1 with Hashed Message Authentication Code (HMAC), as used in record protection. This document updates RFC 5246.

Document History

RFC 9155
December 1, 2021
Deprecating MD5 and SHA-1 Signature Hashes in TLS 1.2 and DTLS 1.2
Abstract The MD5 and SHA-1 hashing algorithms are increasingly vulnerable to attack, and this document deprecates their use in TLS 1.2 and DTLS 1.2 digital signatures. However, this document does...

References

This document references:
IETF RFC 8446 - The Transport Layer Security (TLS) Protocol Version 1.3
Published by IETF on August 1, 2018
This document specifies version 1.3 of the Transport Layer Security (TLS) protocol. TLS allows client/server applications to communicate over the Internet in a way that is designed to prevent...
This document references:
IETF RFC 8447 - IANA Registry Updates for TLS and DTLS
Published by IETF on August 1, 2018
This document describes a number of changes to TLS and DTLS IANA registries that range from adding notes to the registry all the way to changing the registration policy. These changes were mostly...
This document is referenced by:
RFC 9190 - EAP-TLS 1.3: Using the Extensible Authentication Protocol with TLS 1.3
Published by IETF on February 1, 2022
Abstract The Extensible Authentication Protocol (EAP), defined in RFC 3748, provides a standard mechanism for support of multiple authentication methods. This document specifies the use of EAP-TLS...
This document is referenced by:
IEC 62351-3 - Power systems management and associated information exchange – Data and communications security – Part 3: Communication network and system security – Profiles including TCP/IP
Published by IEC on February 1, 2020
Scope This part of IEC 62351 specifies how to provide confidentiality, integrity protection, and message level authentication for SCADA and telecontrol protocols that make use of TCP/IP as a message...
This document is referenced by:
EN IEC 62351-3 - Power systems management and associated information exchange - Data and communications security - Part 3: Communication network and system security - Profiles including TCP/IP
Published by CENELEC on July 1, 2023
This part of IEC 62351 specifies how to provide confidentiality, integrity protection, and message level authentication for protocols that make use of TCP/IP as a message transport layer and utilize...
This document is referenced by:
NEN-EN-IEC 62351-3 - Power systems management and associated information exchange - Data and communications security - Part 3: Communication network and system security - Profiles including TCP/IP
Published by NEN on August 1, 2023
This part of IEC 62351 specifies how to provide confidentiality, integrity protection, and message level authentication for protocols that make use of TCP/IP as a message transport layer and utilize...
This document is referenced by:
BS EN 62351-3 - Power systems management and associated information exchange - Data and communications security Part 3: Communication network and system security - Profiles including TCP/IP
Published by BSI on January 31, 2015
A description is not available for this item.
This document is referenced by:
BS EN IEC 62351-3 - TC - Tracked Changes (Redline) - Power systems management and associated information exchange - Data and communications security - Part 3: Communication network and system security - Profiles including TCP/IP
Published by BSI on September 6, 2023
A description is not available for this item.
View Less
View All
Advertisement