draft-ietf-curdle-rc4-die-die-die-06.txt   draft-ietf-curdle-rc4-die-die-die-07.txt 
Internet Engineering Task Force (IETF) L. Camara Internet Engineering Task Force (IETF) L. Camara
Internet-Draft January 26, 2018 Internet-Draft L.Velvindron
Obsoletes: 4345 (if approved) Obsoletes: 4345 (if approved) July 22, 2018
Updates: 4253 (if approved) Updates: 4253 (if approved)
Intended Status: Best Current Practice Intended Status: Best Current Practice
Expires: July 30, 2018 Expires: July 22, 2018
Deprecating RC4 in Secure Shell (SSH) Deprecating RC4 in Secure Shell (SSH)
draft-ietf-curdle-rc4-die-die-die-06 draft-ietf-curdle-rc4-die-die-die-07
[[RFC-Editor: please replace the second character of my surname by [[RFC-Editor: please replace the second character of my surname by
U+00E2 when publishing as RFC in the header and in all pages. U+00E2 when publishing as RFC in the header and in all pages.]]
Non-ASCII characters are allowed in RFCs as per RFC 7997.]]
Abstract Abstract
This document deprecates RC4 in Secure Shell (SSH). Therefore, this This document deprecates RC4 in Secure Shell (SSH). Therefore, this
document updates RFC 4253, and formally obsoletes and moves to document updates RFC 4253, and moves to Historic RFC 4345.
Historic RFC 4345.
Status of This Memo Status of This Memo
This Internet-Draft is submitted in full conformance with the This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79. provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/. Drafts is at http://datatracker.ietf.org/drafts/current/.
skipping to change at page 2, line 20 skipping to change at page 2, line 20
4. IANA Considerations . . . . . . . . . . . . . . . . . . . . . . 2 4. IANA Considerations . . . . . . . . . . . . . . . . . . . . . . 2
5. Security Considerations . . . . . . . . . . . . . . . . . . . . 3 5. Security Considerations . . . . . . . . . . . . . . . . . . . . 3
6. Acknowlegdements . . . . . . . . . . . . . . . . . . . . . . . 3 6. Acknowlegdements . . . . . . . . . . . . . . . . . . . . . . . 3
7. References . . . . . . . . . . . . . . . . . . . . . . . . . . 3 7. References . . . . . . . . . . . . . . . . . . . . . . . . . . 3
7.1. Normative References . . . . . . . . . . . . . . . . . . . . 3 7.1. Normative References . . . . . . . . . . . . . . . . . . . . 3
7.2. Informative References . . . . . . . . . . . . . . . . . . . 3 7.2. Informative References . . . . . . . . . . . . . . . . . . . 3
8. Author's Address . . . . . . . . . . . . . . . . . . . . . . . 3 8. Author's Address . . . . . . . . . . . . . . . . . . . . . . . 3
1. Introduction 1. Introduction
RC4 is broken [RFC7457] and this document deprecates its use in The usage of RC4 suites ( also designated as arcfour ) for SSH are
Secure Shell (SSH). specified in [RFC 4253] and [RFC 4345]. [RFC 4253] specifies the
allocation of the "arcfour" cipher for SSH. RFC 4345 specifies and
allocates the the "arcfour-128" and "arcfour-256" ciphers for SSH.
RC4 encryption is steadily weakening in cryptographic strength [RFC7457]
[draft-ietf-curdle-des-des-des-die-die-die-05] and the deprecation process
should be begun for their use in SSH.
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in document are to be interpreted as described in
BCP 14 [RFC2119, RFC8174] when, and only when, they appear in all BCP 14 [RFC2119, RFC8174] when, and only when, they appear in all
capitals, as shown here. capitals, as shown here.
2. Why obsolete and move to Historic RFC 4345 2. Why obsolete and move to Historic RFC 4345
RFC 4345 defines the "arcfour-128" and "arcfour-256" modes for SSH, RFC 4345 defines the "arcfour-128" and "arcfour-256" modes for SSH,
skipping to change at line 138 skipping to change at page 3, line 44
[[RFC-Editor: please replace the 'i' in my name by U+00ED and the [[RFC-Editor: please replace the 'i' in my name by U+00ED and the
first 'a' in the surname by U+00E2, as non-ASCII characters are first 'a' in the surname by U+00E2, as non-ASCII characters are
allowed as per RFC 7997]] allowed as per RFC 7997]]
8. Author's Address 8. Author's Address
Luis Camara Luis Camara
EMail: <luis.camara@live.com.pt> EMail: <luis.camara@live.com.pt>
Loganaden Velvindron
EMail: <loganaden@gmail.com>
 End of changes. 7 change blocks. 
10 lines changed or deleted 14 lines changed or added

This html diff was produced by rfcdiff 1.47. The latest version is available from http://tools.ietf.org/tools/rfcdiff/