|
1.
|
Clear description of the referenced document:
|
|
|
|
Name:
|
IETF RFC 4346 (2006)
|
|
Title:
|
The Transport Layer Security (TLS) Protocol, Version 1.1, April 2006
|
|
|
2.
|
Status of approval:
|
|
|
Proposed Standard. Obsoleted by RFC 5246.
|
|
3.
|
Justification for the specific reference:
|
|
|
[OBSOLETED] The ITU-T H.810 requires the use of TLS v1.1 for the operation of medical, health and fitness devices using the WAN interface specifically for its privacy cryptography for data encryption and its connection reliability and integrity using secure hash functions. The TLS v1.1 protocol provides sufficient communication privacy over the Internet allowing client/server applications to communicate in a way that is designed to prevent eavesdropping, tampering, or message forgery. There is also dependency on the use of this spec across other IHE and HL7 that also use this version of the TLS protocol.
|
|
4.
|
Current information, if any, about IPR issues:
|
|
|
Information on IPR issues regarding RFCs is available at: https://datatracker.ietf.org/ipr/search/. Specifically: https://datatracker.ietf.org/ipr/search/?option=rfc_search&rfc_search=4346
|
|
5.
|
Other useful information describing the "Quality" of the document:
|
|
|
This RFC has been in existence since April,2006, obsolescing RFC 2246
|
|
6.
|
The degree of stability or maturity of the document:
|
|
|
RFC 4346 is an internet standard. It and its successor are in existence for about 10 years; obsoletes RFC 2246. Updated by: 4366, 4680, 4681, 5746, 6176. Obsoleted by RFC 5246. Errata exist.
|
|
7.
|
Relationship with other existing or emerging documents:
|
|
|
Transport Layer Security (TLS), is a cryptographic protocol which provides secure communications on the Internet. Other RFCs subsequently extended TLS, including RFC 2712, RFC 2817, RFC 2818, RFC 3546, RFC 4132, RFC 4162 etc.
|
|
8.
|
Any explicit references within that referenced document should also be listed:
|
|
|
[AES] National Institute of Standards and Technology, "Specification for the Advanced Encryption Standard (AES)" FIPS 197. November 26, 2001./
[3DES] W. Tuchman, "Hellman Presents No Shortcut Solutions To DES," IEEE Spectrum, v. 16, n. 7, July 1979, pp. 40-41./
[DES] ANSI X3.106, "American National Standard for Information Systems-Data Link Encryption," American National Standards Institute, 1983./
[DSS] NIST FIPS PUB 186-2, "Digital Signature Standard," National Institute of Standards and Technology, U.S. Department of Commerce, 2000./
[HMAC] Krawczyk, H., Bellare, M., and R. Canetti, "HMAC: Keyed-Hashing for Message Authentication", RFC 2104, February 1997./
[IDEA] X. Lai, "On the Design and Security of Block Ciphers," ETH Series in Information Processing, v. 1, Konstanz: Hartung-Gorre Verlag, 1992./
[MD5] Rivest, R., "The MD5 Message-Digest Algorithm ", RFC 1321, April 1992./
[PKCS1A] B. Kaliski, "Public-Key Cryptography Standards (PKCS) #1: RSA Cryptography Specifications Version 1.5", RFC 2313, March 1998./
[PKCS1B] J. Jonsson, B. Kaliski, "Public-Key Cryptography Standards (PKCS) #1: RSA Cryptography Specifications Version 2.1", RFC 3447, February 2003./
[PKIX] Housley, R., Polk, W., Ford, W., and D. Solo, "Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile", RFC 3280, April 2002./
[RC2] Rivest, R., "A Description of the RC2(r) Encryption Algorithm", RFC 2268, March 1998./
[SCH] B. Schneier. "Applied Cryptography: Protocols, Algorithms,and Source Code in C, 2ed", Published by John Wiley & Sons, Inc. 1996./
[SHA] NIST FIPS PUB 180-2, "Secure Hash Standard," National Institute of Standards and Technology, U.S. Department of Commerce., August 2001./
[REQ] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997./
[RFC2434] Narten, T. and H. Alvestrand, "Guidelines for Writing an IANA Considerations Section in RFCs", BCP 26, RFC 2434, October 1998./
[TLSAES] Chown, P., "Advanced Encryption Standard (AES) Ciphersuites for Transport Layer Security (TLS)", RFC 3268, June 2002./
[TLSEXT] Blake-Wilson, S., Nystrom, M., Hopwood, D., Mikkelsen, J., and T. Wright, "Transport Layer Security (TLS) Extensions", RFC 3546, June 2003./
[TLSKRB] Medvinsky, A. and M. Hur, "Addition of Kerberos Cipher Suites to Transport Layer Security (TLS)", RFC 2712, October 1999.
|
|
9.
|
Qualification of
ISOC/IETF:
|
|
|
9.1-9.6 Decisions of ITU Council to admit ISOC to participate in the work of the Sector (June 1995 and June 1996).
9.7 The Internet Engineering Steering Group (IESG) is responsible for ongoing maintenance of the RFCs when the need arises. Comments on RFCs and corresponding changes are accommodated through the existing standardization process.
9.8 Each revision of a given RFC has a different RFC number, so no confusion is possible. All RFCs always remain available on-line. An index of RFCs and their status may be found in the IETF archives at http://www.rfc-editor.org/rfc.html.
|
|
10.
|
Other (for any supplementary information):
|
|
|
References should always be made to RFC numbers (and not by other designations such as STD, BCP, etc.). References not to be made to documents referred to as "Internet Drafts" or RFCs categorized as "Historic". Normative references should not be made to RFCs that are not standards, for example, "Informational" and "Experimental" RFCs.
|
|
