UNLIMITED FREE
ACCESS TO THE WORLD'S BEST IDEAS

SUBMIT
Already a GlobalSpec user? Log in.

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

Customize Your GlobalSpec Experience

Select Your Free Newsletters

Industry Newsletters

Select Your Free Product Alerts

Finish!
Privacy Policy

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

IETF RFC 7366

Encrypt-then-MAC for Transport Layer Security (TLS) and Datagram Transport Layer Security (DTLS)

active, Most Current
Buy Now
Organization: IETF
Publication Date: 1 September 2014
Status: active
Page Count: 7
scope:

This document describes a means of negotiating the use of the encrypt-then-MAC security mechanism in place of the existing MACthen- encrypt mechanism in Transport Layer Security (TLS) and Datagram Transport Layer Security (DTLS). The MAC-then-encrypt mechanism has been the subject of a number of security vulnerabilities over a period of many years.

Document History

IETF RFC 7366
September 1, 2014
Encrypt-then-MAC for Transport Layer Security (TLS) and Datagram Transport Layer Security (DTLS)
This document describes a means of negotiating the use of the encrypt-then-MAC security mechanism in place of the existing MACthen- encrypt mechanism in Transport Layer Security (TLS) and Datagram...

References

This document is referenced by:
IETF RFC 7568 - Deprecating Secure Sockets Layer Version 3.0
Published by IETF on June 1, 2015
The Secure Sockets Layer version 3.0 (SSLv3), as specified in RFC 6101, is not sufficiently secure. This document requires that SSLv3 not be used. The replacement versions, in particular, Transport...
This document is referenced by:
IETF RFC 7606 - Revised Error Handling for BGP UPDATE Messages
Published by IETF on August 1, 2015
According to the base BGP specification, a BGP speaker that receives an UPDATE message containing a malformed attribute is required to reset the session over which the offending attribute was...
This document is referenced by:
IETF RFC 7925 - Transport Layer Security (TLS) / Datagram Transport Layer Security (DTLS) Profiles for the Internet of Things
Published by IETF on July 1, 2016
A common design pattern in Internet of Things (IoT) deployments is the use of a constrained device that collects data via sensors or controls actuators for use in home automation, industrial control...
This document is referenced by:
IETF RFC 8449 - Record Size Limit Extension for TLS
Published by IETF on August 1, 2018
An extension to Transport Layer Security (TLS) is defined that allows endpoints to negotiate the maximum size of protected records that each will send the other. This replaces the maximum fragment...
This document is referenced by:
RFC 9146 - Connection Identifier for DTLS 1.2
Published by IETF on March 1, 2022
Abstract This document specifies the Connection ID (CID) construct for the Datagram Transport Layer Security (DTLS) protocol version 1.2. A CID is an identifier carried in the record layer header...
View Less
View All
Advertisement