1
2
3
4
5Internet Engineering Task Force (IETF) L. Velvindron
6Request for Comments: 8997 cyberstorm.mu
7Updates: 8314 S. Farrell
8Category: Standards Track Trinity College Dublin
9ISSN: 2070-1721 March 2021
10
11
12 Deprecation of TLS 1.1 for Email Submission and Access
13
14Abstract
15
16 This specification updates the current recommendation for the use of
17 the Transport Layer Security (TLS) protocol to provide
18 confidentiality of email between a Mail User Agent (MUA) and a Mail
19 Submission Server or Mail Access Server. This document updates RFC
20 8314.
21
22Status of This Memo
23
24 This is an Internet Standards Track document.
25
26 This document is a product of the Internet Engineering Task Force
27 (IETF). It represents the consensus of the IETF community. It has
28 received public review and has been approved for publication by the
29 Internet Engineering Steering Group (IESG). Further information on
30 Internet Standards is available in Section 2 of RFC 7841.
31
32 Information about the current status of this document, any errata,
33 and how to provide feedback on it may be obtained at
34 https://www.rfc-editor.org/info/rfc8997.
35
36Copyright Notice
37
38 Copyright (c) 2021 IETF Trust and the persons identified as the
39 document authors. All rights reserved.
40
41 This document is subject to BCP 78 and the IETF Trust's Legal
42 Provisions Relating to IETF Documents
43 (https://trustee.ietf.org/license-info) in effect on the date of
44 publication of this document. Please review these documents
45 carefully, as they describe your rights and restrictions with respect
46 to this document. Code Components extracted from this document must
47 include Simplified BSD License text as described in Section 4.e of
48 the Trust Legal Provisions and are provided without warranty as
49 described in the Simplified BSD License.
50
51Table of Contents
52
53 1. Introduction
54 2. Conventions Used in This Document
55 3. Updates to RFC 8314
56 4. IANA Considerations
57 5. Security Considerations
58 6. References
59 6.1. Normative References
60 6.2. Informative References
61 Acknowledgements
62 Authors' Addresses
63
641. Introduction
65
66 [RFC8314] defines the minimum recommended version of TLS as version 8996:31 ../dane/dane.go:305 ../mox-/config.go:735 ../smtpclient/client.go:414 ../webadmin/admin.go:487
67 1.1. Due to the deprecation of TLS 1.1 in [RFC8996], this
68 recommendation is no longer valid. Therefore, this document updates
69 [RFC8314] so that the minimum version for TLS is TLS 1.2.
70
712. Conventions Used in This Document
72
73 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
74 "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
75 "OPTIONAL" in this document are to be interpreted as described in
76 BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all
77 capitals, as shown here.
78
793. Updates to RFC 8314
80
81 OLD:
82
83 | 4.1. Deprecation of Services Using Cleartext and TLS Versions
84 | Less Than 1.1
85
86 NEW:
87
88 | 4.1. Deprecation of Services Using Cleartext and TLS Versions
89 | Less Than 1.2
90
91 OLD:
92
93 | As soon as practicable, MSPs currently supporting Secure Sockets
94 | Layer (SSL) 2.x, SSL 3.0, or TLS 1.0 SHOULD transition their users
95 | to TLS 1.1 or later and discontinue support for those earlier
96 | versions of SSL and TLS.
97
98 NEW:
99
100 | As soon as practicable, MSPs currently supporting Secure Sockets
101 | Layer (SSL) 2.x, SSL 3.0, TLS 1.0, or TLS 1.1 SHOULD transition
102 | their users to TLS 1.2 or later and discontinue support for those
103 | earlier versions of SSL and TLS.
104
105 In Section 4.1 of [RFC8314], the text should be revised from:
106
107 OLD:
108
109 | One way is for the server to refuse a ClientHello message from any
110 | client sending a ClientHello.version field corresponding to any
111 | version of SSL or TLS 1.0.
112
113 NEW:
114
115 | One way is for the server to refuse a ClientHello message from any
116 | client sending a ClientHello.version field corresponding to any
117 | version of SSL or TLS earlier than TLS 1.2.
118
119 OLD:
120
121 | It is RECOMMENDED that new users be required to use TLS version
122 | 1.1 or greater from the start. However, an MSP may find it
123 | necessary to make exceptions to accommodate some legacy systems
124 | that support only earlier versions of TLS or only cleartext.
125
126 NEW:
127
128 | It is RECOMMENDED that new users be required to use TLS version
129 | 1.2 or greater from the start. However, an MSP may find it
130 | necessary to make exceptions to accommodate some legacy systems
131 | that support only earlier versions of TLS or only cleartext.
132
133 OLD:
134
135 | If, however, an MUA provides such an indication, it MUST NOT
136 | indicate confidentiality for any connection that does not at least
137 | use TLS 1.1 with certificate verification and also meet the
138 | minimum confidentiality requirements associated with that account.
139
140 NEW:
141
142 | If, however, an MUA provides such an indication, it MUST NOT
143 | indicate confidentiality for any connection that does not at least
144 | use TLS 1.2 with certificate verification and also meet the
145 | minimum confidentiality requirements associated with that account.
146
147 OLD
148
149 | MUAs MUST implement TLS 1.2 [RFC5246] or later. Earlier TLS and
150 | SSL versions MAY also be supported, so long as the MUA requires at
151 | least TLS 1.1 [RFC4346] when accessing accounts that are
152 | configured to impose minimum confidentiality requirements.
153
154 NEW:
155
156 | MUAs MUST implement TLS 1.2 [RFC5246] or later, e.g., TLS 1.3
157 | [RFC8446]. Earlier TLS and SSL versions MAY also be supported, so
158 | long as the MUA requires at least TLS 1.2 [RFC5246] when accessing
159 | accounts that are configured to impose minimum confidentiality
160 | requirements.
161
162 OLD:
163
164 | The default minimum expected level of confidentiality for all new
165 | accounts MUST require successful validation of the server's
166 | certificate and SHOULD require negotiation of TLS version 1.1 or
167 | greater. (Future revisions to this specification may raise these
168 | requirements or impose additional requirements to address newly
169 | discovered weaknesses in protocols or cryptographic algorithms.)
170
171 NEW:
172
173 | The default minimum expected level of confidentiality for all new
174 | accounts MUST require successful validation of the server's
175 | certificate and SHOULD require negotiation of TLS version 1.2 or
176 | greater. (Future revisions to this specification may raise these
177 | requirements or impose additional requirements to address newly
178 | discovered weaknesses in protocols or cryptographic algorithms.)
179
1804. IANA Considerations
181
182 This document has no IANA actions.
183
1845. Security Considerations
185
186 The purpose of this document is to document updated recommendations
187 for using TLS with email services. Those recommendations are based
188 on [RFC8996].
189
1906. References
191
1926.1. Normative References
193
194 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
195 Requirement Levels", BCP 14, RFC 2119,
196 DOI 10.17487/RFC2119, March 1997,
197 <https://www.rfc-editor.org/info/rfc2119>.
198
199 [RFC5246] Dierks, T. and E. Rescorla, "The Transport Layer Security
200 (TLS) Protocol Version 1.2", RFC 5246,
201 DOI 10.17487/RFC5246, August 2008,
202 <https://www.rfc-editor.org/info/rfc5246>.
203
204 [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
205 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
206 May 2017, <https://www.rfc-editor.org/info/rfc8174>.
207
208 [RFC8314] Moore, K. and C. Newman, "Cleartext Considered Obsolete:
209 Use of Transport Layer Security (TLS) for Email Submission
210 and Access", RFC 8314, DOI 10.17487/RFC8314, January 2018,
211 <https://www.rfc-editor.org/info/rfc8314>.
212
213 [RFC8446] Rescorla, E., "The Transport Layer Security (TLS) Protocol
214 Version 1.3", RFC 8446, DOI 10.17487/RFC8446, August 2018,
215 <https://www.rfc-editor.org/info/rfc8446>.
216
217 [RFC8996] Moriarty, K. and S. Farrell, "Deprecating TLS 1.0 and TLS
218 1.1", RFC 8996, DOI 10.17487/RFC8996, March 2021,
219 <https://www.rfc-editor.org/info/rfc8996>.
220
2216.2. Informative References
222
223 [RFC4346] Dierks, T. and E. Rescorla, "The Transport Layer Security
224 (TLS) Protocol Version 1.1", RFC 4346,
225 DOI 10.17487/RFC4346, April 2006,
226 <https://www.rfc-editor.org/info/rfc4346>.
227
228Acknowledgements
229
230 The authors would like to thank Vittorio Bertola and Viktor Dukhovni
231 for their feedback.
232
233Authors' Addresses
234
235 Loganaden Velvindron
236 cyberstorm.mu
237 88 Avenue De Plevitz Roches Brunes
238 71259
239 Rose Hill
240 Mauritius
241
242 Phone: +230 59762817
243 Email: logan@cyberstorm.mu
244
245
246 Stephen Farrell
247 Trinity College Dublin
248 Dublin
249 2
250 Ireland
251
252 Phone: +353-1-896-2354
253 Email: stephen.farrell@cs.tcd.ie
254