{"draft":"draft-ietf-uta-rfc7525bis-11","doc_id":"RFC9325","title":"Recommendations for Secure Use of Transport Layer Security (TLS) and Datagram Transport Layer Security (DTLS)","authors":["Y. Sheffer","P. Saint-Andre","T. Fossati"],"format":["HTML","TEXT","PDF","XML"],"page_count":"34","pub_status":"BEST CURRENT PRACTICE","status":"BEST CURRENT PRACTICE","source":"Using TLS in Applications","abstract":"Transport Layer Security (TLS) and Datagram Transport Layer Security\r\n(DTLS) are used to protect data exchanged over a wide range of\r\napplication protocols and can also form the basis for secure\r\ntransport protocols.  Over the years, the industry has witnessed\r\nseveral serious attacks on TLS and DTLS, including attacks on the\r\nmost commonly used cipher suites and their modes of operation.  This\r\ndocument provides the latest recommendations for ensuring the\r\nsecurity of deployed services that use TLS and DTLS. These\r\nrecommendations are applicable to the majority of use cases.\r\n\r\nRFC 7525, an earlier version of the TLS recommendations, was\r\npublished when the industry was transitioning to TLS 1.2. Years\r\nlater, this transition is largely complete, and TLS 1.3 is widely\r\navailable. This document updates the guidance given the new\r\nenvironment and obsoletes RFC 7525. In addition, this document\r\nupdates RFCs 5288 and 6066 in view of recent attacks.","pub_date":"November 2022","keywords":[],"obsoletes":["RFC7525"],"obsoleted_by":[],"updates":["RFC5288","RFC6066"],"updated_by":[],"see_also":["BCP0195"],"doi":"10.17487\/RFC9325","errata_url":null}