rfc9847v2.txt   rfc9847.txt 
Internet Engineering Task Force (IETF) J. Salowey Internet Engineering Task Force (IETF) J. Salowey
Request for Comments: 9847 CyberArk Request for Comments: 9847 CyberArk
Updates: 8447 S. Turner Updates: 8447 S. Turner
Category: Standards Track sn3rd Category: Standards Track sn3rd
ISSN: 2070-1721 October 2025 ISSN: 2070-1721 December 2025
IANA Registry Updates for TLS and DTLS IANA Registry Updates for TLS and DTLS
Abstract Abstract
This document updates the changes to the TLS and DTLS IANA registries This document updates the changes to the TLS and DTLS IANA registries
made in RFC 8447. It adds a new value, "D" for discouraged, to the made in RFC 8447. It adds a new value, "D" for discouraged, to the
"Recommended" column of the selected TLS registries and adds a "Recommended" column of the selected TLS registries and adds a
"Comment" column to all active registries that do not already have a "Comment" column to all active registries that do not already have a
"Comment" column. Finally, it updates the registration request "Comment" column. Finally, it updates the registration request
skipping to change at line 93 skipping to change at line 93
"Comment" column to all active registries that do not already have a "Comment" column to all active registries that do not already have a
"Comment" column. "Comment" column.
This specification also updates the registration request This specification also updates the registration request
instructions. instructions.
2. Terminology 2. Terminology
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
"OPTIONAL" in this document are to be interpreted as described in "OPTIONAL" in this document are to be interpreted as described in BCP
BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all 14 [RFC2119] [RFC8174] when, and only when, they appear in all
capitals, as shown here. capitals, as shown here.
3. Updating "Recommended" Column's Values 3. Updating "Recommended" Column's Values
The instructions in this document update the "Recommended" column, The instructions in this document update the "Recommended" column,
originally added in [RFC8447] to add a third value, "D", indicating originally added in [RFC8447] to add a third value, "D", indicating
that a value is discouraged. The permitted values of the that a value is discouraged. The permitted values of the
"Recommended" column are: "Recommended" column are:
Y: Indicates that the IETF has consensus that the item is Y: Indicates that the IETF has consensus that the item is
skipping to change at line 192 skipping to change at line 192
| 53 | connection_id (deprecated) | D | | 53 | connection_id (deprecated) | D |
+-------+----------------------------+-------------+ +-------+----------------------------+-------------+
Table 1 Table 1
* Updated the note on the "Recommended" column with text in * Updated the note on the "Recommended" column with text in
Section 3.1. Section 3.1.
* For the truncated_hmac, added the following link to the * For the truncated_hmac, added the following link to the
"Reference" column: https://www.iacr.org/archive/ "Reference" column: https://www.iacr.org/archive/
asiacrypt2011/70730368/70730368.pdf asiacrypt2011/70730368/70730368.pdf.
* For the two Reserved values above, added the following link in the * For the two Reserved values above, added the following link in the
"Reference" column: https://mailarchive.ietf.org/arch/msg/tls-reg- "Reference" column: https://mailarchive.ietf.org/arch/msg/tls-reg-
review/5BD62HBFjo_AsW-Y8ohVuWEe1gI/ review/5BD62HBFjo_AsW-Y8ohVuWEe1gI/.
5. TLS Cipher Suites Registry 5. TLS Cipher Suites Registry
Several categories of cipher suites are discouraged for general use Several categories of cipher suites are discouraged for general use
and are marked as "D". and are marked as "D".
Cipher suites that use NULL encryption do not provide the Cipher suites that use NULL encryption do not provide the
confidentiality normally expected of TLS. Protocols and applications confidentiality normally expected of TLS. Protocols and applications
are often designed to require confidentiality as a security property. are often designed to require confidentiality as a security property.
These cipher suites MUST NOT be used in those cases. These cipher suites MUST NOT be used in those cases.
skipping to change at line 366 skipping to change at line 366
* Updated the note on the "Recommended" column with text in * Updated the note on the "Recommended" column with text in
Section 3.1. Section 3.1.
* Removed the "Elliptic curve groups" note from the registration * Removed the "Elliptic curve groups" note from the registration
procedures table. procedures table.
* For each of the entries above, added the following link to the * For each of the entries above, added the following link to the
"Comment" column: "Comment" column:
https://datatracker.ietf.org/meeting/118/materials/slides-118-tls- https://datatracker.ietf.org/meeting/118/materials/slides-118-tls-
rfc8447bis-00 rfc8447bis-00.
7. TLS Exporter Labels Registry 7. TLS Exporter Labels Registry
This document updates the registration procedure for the "TLS This document updates the registration procedure for the "TLS
Exporter Labels" registry and updates the "Recommended" column Exporter Labels" registry and updates the "Recommended" column
allocation. IANA has updated the "TLS Exporter Labels" registry as allocation. IANA has updated the "TLS Exporter Labels" registry as
follows: follows:
* Changed the registration procedure from Specification Required to * Changed the registration procedure from Specification Required to
Expert Review and updated it to include: Expert Review and updated it to include:
 End of changes. 5 change blocks. 
6 lines changed or deleted 6 lines changed or added

This html diff was produced by rfcdiff 1.48.