5Internet Engineering Task Force (IETF) L. Velvindron
6Request for Comments: 8997 cyberstorm.mu
7Updates: 8314 S. Farrell
8Category: Standards Track Trinity College Dublin
9ISSN: 2070-1721 March 2021
12 Deprecation of TLS 1.1 for Email Submission and Access
16 This specification updates the current recommendation for the use of
17 the Transport Layer Security (TLS) protocol to provide
18 confidentiality of email between a Mail User Agent (MUA) and a Mail
19 Submission Server or Mail Access Server. This document updates RFC
24 This is an Internet Standards Track document.
26 This document is a product of the Internet Engineering Task Force
27 (IETF). It represents the consensus of the IETF community. It has
28 received public review and has been approved for publication by the
29 Internet Engineering Steering Group (IESG). Further information on
30 Internet Standards is available in Section 2 of RFC 7841.
32 Information about the current status of this document, any errata,
33 and how to provide feedback on it may be obtained at
34 https://www.rfc-editor.org/info/rfc8997.
38 Copyright (c) 2021 IETF Trust and the persons identified as the
39 document authors. All rights reserved.
41 This document is subject to BCP 78 and the IETF Trust's Legal
42 Provisions Relating to IETF Documents
43 (https://trustee.ietf.org/license-info) in effect on the date of
44 publication of this document. Please review these documents
45 carefully, as they describe your rights and restrictions with respect
46 to this document. Code Components extracted from this document must
47 include Simplified BSD License text as described in Section 4.e of
48 the Trust Legal Provisions and are provided without warranty as
49 described in the Simplified BSD License.
54 2. Conventions Used in This Document
55 3. Updates to RFC 8314
56 4. IANA Considerations
57 5. Security Considerations
59 6.1. Normative References
60 6.2. Informative References
67 1.1. Due to the deprecation of TLS 1.1 in [RFC8996], this
68 recommendation is no longer valid. Therefore, this document updates
69 [RFC8314] so that the minimum version for TLS is TLS 1.2.
712. Conventions Used in This Document
73 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
74 "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
75 "OPTIONAL" in this document are to be interpreted as described in
76 BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all
77 capitals, as shown here.
83 | 4.1. Deprecation of Services Using Cleartext and TLS Versions
88 | 4.1. Deprecation of Services Using Cleartext and TLS Versions
93 | As soon as practicable, MSPs currently supporting Secure Sockets
94 | Layer (SSL) 2.x, SSL 3.0, or TLS 1.0 SHOULD transition their users
95 | to TLS 1.1 or later and discontinue support for those earlier
96 | versions of SSL and TLS.
100 | As soon as practicable, MSPs currently supporting Secure Sockets
101 | Layer (SSL) 2.x, SSL 3.0, TLS 1.0, or TLS 1.1 SHOULD transition
102 | their users to TLS 1.2 or later and discontinue support for those
103 | earlier versions of SSL and TLS.
105 In Section 4.1 of [RFC8314], the text should be revised from:
109 | One way is for the server to refuse a ClientHello message from any
110 | client sending a ClientHello.version field corresponding to any
111 | version of SSL or TLS 1.0.
115 | One way is for the server to refuse a ClientHello message from any
116 | client sending a ClientHello.version field corresponding to any
117 | version of SSL or TLS earlier than TLS 1.2.
121 | It is RECOMMENDED that new users be required to use TLS version
122 | 1.1 or greater from the start. However, an MSP may find it
123 | necessary to make exceptions to accommodate some legacy systems
124 | that support only earlier versions of TLS or only cleartext.
128 | It is RECOMMENDED that new users be required to use TLS version
129 | 1.2 or greater from the start. However, an MSP may find it
130 | necessary to make exceptions to accommodate some legacy systems
131 | that support only earlier versions of TLS or only cleartext.
135 | If, however, an MUA provides such an indication, it MUST NOT
136 | indicate confidentiality for any connection that does not at least
137 | use TLS 1.1 with certificate verification and also meet the
138 | minimum confidentiality requirements associated with that account.
142 | If, however, an MUA provides such an indication, it MUST NOT
143 | indicate confidentiality for any connection that does not at least
144 | use TLS 1.2 with certificate verification and also meet the
145 | minimum confidentiality requirements associated with that account.
149 | MUAs MUST implement TLS 1.2 [RFC5246] or later. Earlier TLS and
150 | SSL versions MAY also be supported, so long as the MUA requires at
151 | least TLS 1.1 [RFC4346] when accessing accounts that are
152 | configured to impose minimum confidentiality requirements.
156 | MUAs MUST implement TLS 1.2 [RFC5246] or later, e.g., TLS 1.3
157 | [RFC8446]. Earlier TLS and SSL versions MAY also be supported, so
158 | long as the MUA requires at least TLS 1.2 [RFC5246] when accessing
159 | accounts that are configured to impose minimum confidentiality
164 | The default minimum expected level of confidentiality for all new
165 | accounts MUST require successful validation of the server's
166 | certificate and SHOULD require negotiation of TLS version 1.1 or
167 | greater. (Future revisions to this specification may raise these
168 | requirements or impose additional requirements to address newly
169 | discovered weaknesses in protocols or cryptographic algorithms.)
173 | The default minimum expected level of confidentiality for all new
174 | accounts MUST require successful validation of the server's
175 | certificate and SHOULD require negotiation of TLS version 1.2 or
176 | greater. (Future revisions to this specification may raise these
177 | requirements or impose additional requirements to address newly
178 | discovered weaknesses in protocols or cryptographic algorithms.)
1804. IANA Considerations
182 This document has no IANA actions.
1845. Security Considerations
186 The purpose of this document is to document updated recommendations
187 for using TLS with email services. Those recommendations are based
1926.1. Normative References
194 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
195 Requirement Levels", BCP 14, RFC 2119,
196 DOI 10.17487/RFC2119, March 1997,
197 <https://www.rfc-editor.org/info/rfc2119>.
199 [RFC5246] Dierks, T. and E. Rescorla, "The Transport Layer Security
200 (TLS) Protocol Version 1.2", RFC 5246,
201 DOI 10.17487/RFC5246, August 2008,
202 <https://www.rfc-editor.org/info/rfc5246>.
204 [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
205 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
206 May 2017, <https://www.rfc-editor.org/info/rfc8174>.
208 [RFC8314] Moore, K. and C. Newman, "Cleartext Considered Obsolete:
209 Use of Transport Layer Security (TLS) for Email Submission
210 and Access", RFC 8314, DOI 10.17487/RFC8314, January 2018,
211 <https://www.rfc-editor.org/info/rfc8314>.
213 [RFC8446] Rescorla, E., "The Transport Layer Security (TLS) Protocol
214 Version 1.3", RFC 8446, DOI 10.17487/RFC8446, August 2018,
215 <https://www.rfc-editor.org/info/rfc8446>.
217 [RFC8996] Moriarty, K. and S. Farrell, "Deprecating TLS 1.0 and TLS
218 1.1", RFC 8996, DOI 10.17487/RFC8996, March 2021,
219 <https://www.rfc-editor.org/info/rfc8996>.
2216.2. Informative References
223 [RFC4346] Dierks, T. and E. Rescorla, "The Transport Layer Security
224 (TLS) Protocol Version 1.1", RFC 4346,
225 DOI 10.17487/RFC4346, April 2006,
226 <https://www.rfc-editor.org/info/rfc4346>.
230 The authors would like to thank Vittorio Bertola and Viktor Dukhovni
237 88 Avenue De Plevitz Roches Brunes
243 Email: logan@cyberstorm.mu
247 Trinity College Dublin
252 Phone: +353-1-896-2354
253 Email: stephen.farrell@cs.tcd.ie