<?xml version='1.0' encoding='utf-8'?>
<rfc xmlns:xi="http://www.w3.org/2001/XInclude" version="3" ipr="trust200902" docName="draft-ietf-tls-tls12-frozen-08" number="9851" updates="" obsoletes="" xml:lang="en" category="std" consensus="true" submissionType="IETF" tocInclude="true" sortRefs="true" symRefs="true" prepTime="2026-07-15T22:52:08" indexInclude="true" scripts="Common,Latin" tocDepth="3">
  <link href="https://datatracker.ietf.org/doc/draft-ietf-tls-tls12-frozen-08" rel="prev"/>
  <link href="https://dx.doi.org/10.17487/rfc9851" rel="alternate"/>
  <link href="urn:issn:2070-1721" rel="alternate"/>
  <front>
    <title abbrev="TLS 1.2 Frozen">TLS 1.2 is in Feature Freeze</title>
    <seriesInfo name="RFC" value="9851" stream="IETF"/>
    <author fullname="Rich Salz">
      <organization showOnFrontPage="true">Akamai Technologies</organization>
      <address>
        <email>rsalz@akamai.com</email>
      </address>
    </author>
    <author fullname="Nimrod Aviram">
      <organization showOnFrontPage="true"/>
      <address>
        <email>nimrod.aviram@gmail.com</email>
      </address>
    </author>
    <date month="07" year="2026"/>
    <area>SEC</area>
    <workgroup>tls</workgroup>
    <keyword>TLS</keyword>
    <keyword>features</keyword>
    <abstract pn="section-abstract">
      <t indent="0" pn="section-abstract-1">Use of TLS 1.3, which fixes some known deficiencies in TLS 1.2, is
   growing.  This document specifies that no changes will be approved 
   for TLS 1.2 outside of urgent security fixes (as determined by 
   TLS Working Group consensus), new TLS Exporter Labels, and
   new Application-Layer Protocol Negotiation (ALPN) Protocol IDs.  
   This applies to TLS only; it does not apply to DTLS (in
   any DTLS version).</t>
    </abstract>
    <boilerplate>
      <section anchor="status-of-memo" numbered="false" removeInRFC="false" toc="exclude" pn="section-boilerplate.1">
        <name slugifiedName="name-status-of-this-memo">Status of This Memo</name>
        <t indent="0" pn="section-boilerplate.1-1">
            This is an Internet Standards Track document.
        </t>
        <t indent="0" pn="section-boilerplate.1-2">
            This document is a product of the Internet Engineering Task Force
            (IETF).  It represents the consensus of the IETF community.  It has
            received public review and has been approved for publication by
            the Internet Engineering Steering Group (IESG).  Further
            information on Internet Standards is available in Section 2 of 
            RFC 7841.
        </t>
        <t indent="0" pn="section-boilerplate.1-3">
            Information about the current status of this document, any
            errata, and how to provide feedback on it may be obtained at
            <eref target="https://www.rfc-editor.org/info/rfc9851" brackets="none"/>.
        </t>
      </section>
      <section anchor="copyright" numbered="false" removeInRFC="false" toc="exclude" pn="section-boilerplate.2">
        <name slugifiedName="name-copyright-notice">Copyright Notice</name>
        <t indent="0" pn="section-boilerplate.2-1">
            Copyright (c) 2026 IETF Trust and the persons identified as the
            document authors. All rights reserved.
        </t>
        <t indent="0" pn="section-boilerplate.2-2">
            This document is subject to BCP 78 and the IETF Trust's Legal
            Provisions Relating to IETF Documents
            (<eref target="https://trustee.ietf.org/license-info" brackets="none"/>) in effect on the date of
            publication of this document. Please review these documents
            carefully, as they describe your rights and restrictions with
            respect to this document. Code Components extracted from this
            document must include Revised BSD License text as described in
            Section 4.e of the Trust Legal Provisions and are provided without
            warranty as described in the Revised BSD License.
        </t>
      </section>
    </boilerplate>
    <toc>
      <section anchor="toc" numbered="false" removeInRFC="false" toc="exclude" pn="section-toc.1">
        <name slugifiedName="name-table-of-contents">Table of Contents</name>
        <ul bare="true" empty="true" indent="2" spacing="compact" pn="section-toc.1-1">
          <li pn="section-toc.1-1.1">
            <t indent="0" keepWithNext="true" pn="section-toc.1-1.1.1"><xref derivedContent="1" format="counter" sectionFormat="of" target="section-1"/>.  <xref derivedContent="" format="title" sectionFormat="of" target="name-introduction">Introduction</xref></t>
          </li>
          <li pn="section-toc.1-1.2">
            <t indent="0" keepWithNext="true" pn="section-toc.1-1.2.1"><xref derivedContent="2" format="counter" sectionFormat="of" target="section-2"/>.  <xref derivedContent="" format="title" sectionFormat="of" target="name-implications-for-post-quant">Implications for Post-Quantum Cryptography (PQC)</xref></t>
          </li>
          <li pn="section-toc.1-1.3">
            <t indent="0" keepWithNext="true" pn="section-toc.1-1.3.1"><xref derivedContent="3" format="counter" sectionFormat="of" target="section-3"/>.  <xref derivedContent="" format="title" sectionFormat="of" target="name-security-considerations">Security Considerations</xref></t>
          </li>
          <li pn="section-toc.1-1.4">
            <t indent="0" pn="section-toc.1-1.4.1"><xref derivedContent="4" format="counter" sectionFormat="of" target="section-4"/>.  <xref derivedContent="" format="title" sectionFormat="of" target="name-iana-considerations">IANA Considerations</xref></t>
          </li>
          <li pn="section-toc.1-1.5">
            <t indent="0" pn="section-toc.1-1.5.1"><xref derivedContent="5" format="counter" sectionFormat="of" target="section-5"/>.  <xref derivedContent="" format="title" sectionFormat="of" target="name-references">References</xref></t>
            <ul bare="true" empty="true" indent="2" spacing="compact" pn="section-toc.1-1.5.2">
              <li pn="section-toc.1-1.5.2.1">
                <t indent="0" pn="section-toc.1-1.5.2.1.1"><xref derivedContent="5.1" format="counter" sectionFormat="of" target="section-5.1"/>.  <xref derivedContent="" format="title" sectionFormat="of" target="name-normative-references">Normative References</xref></t>
              </li>
              <li pn="section-toc.1-1.5.2.2">
                <t indent="0" pn="section-toc.1-1.5.2.2.1"><xref derivedContent="5.2" format="counter" sectionFormat="of" target="section-5.2"/>.  <xref derivedContent="" format="title" sectionFormat="of" target="name-informative-references">Informative References</xref></t>
              </li>
            </ul>
          </li>
          <li pn="section-toc.1-1.6">
            <t indent="0" pn="section-toc.1-1.6.1"><xref derivedContent="" format="none" sectionFormat="of" target="section-appendix.a"/><xref derivedContent="" format="title" sectionFormat="of" target="name-acknowledgments">Acknowledgments</xref></t>
          </li>
          <li pn="section-toc.1-1.7">
            <t indent="0" pn="section-toc.1-1.7.1"><xref derivedContent="" format="none" sectionFormat="of" target="section-appendix.b"/><xref derivedContent="" format="title" sectionFormat="of" target="name-authors-addresses">Authors' Addresses</xref></t>
          </li>
        </ul>
      </section>
    </toc>
  </front>
  <middle>
    <section anchor="sec-reasons" numbered="true" removeInRFC="false" toc="include" pn="section-1">
      <name slugifiedName="name-introduction">Introduction</name>
      <t indent="0" pn="section-1-1">TLS 1.3 <xref target="RFC9846" format="default" sectionFormat="of" derivedContent="TLS13"/> fixes most known deficiencies with TLS 1.2 <xref target="RFC5246" format="default" sectionFormat="of" derivedContent="TLS12"/> and its use is growing.  Some examples of the fixes include
encrypting more of the traffic so that it is not readable by outsiders and
removing most cryptographic primitives that are now considered weak. Importantly, TLS
1.3 enjoys robust security proofs.</t>
      <t indent="0" pn="section-1-2">Both versions have several extension points. Items like new cryptographic
algorithms, new supported groups (formerly "named curves"), etc., can be
added without defining a new protocol. This document specifies that no changes will be approved for TLS 1.2 outside of
urgent security fixes (as determined by TLS Working Group consensus) and the exceptions listed in <xref target="iana" format="default" sectionFormat="of" derivedContent="Section 4"/>.</t>
      <t indent="0" pn="section-1-3">This applies to TLS only. As such, it does not apply to
DTLS, in any DTLS version.</t>
    </section>
    <section anchor="implications-for-post-quantum-cryptography-pqc" numbered="true" removeInRFC="false" toc="include" pn="section-2">
      <name slugifiedName="name-implications-for-post-quant">Implications for Post-Quantum Cryptography (PQC)</name>
      <t indent="0" pn="section-2-1">Cryptographically relevant quantum computers, once available, are likely to
greatly lessen the time and effort needed to break
RSA, finite-field-based Diffie-Hellman (FFDH), or Elliptic Curve Cryptography (ECC) which are currently used in TLS.
In 2016, the US National Institute of Standards and Technology (NIST) started a
multi-year effort to standardize algorithms that will be "safe"
once quantum computers are feasible <xref target="PQC" format="default" sectionFormat="of" derivedContent="PQC"/>. Initial discussions in
the IETF community happened
around the same time <xref target="CFRGSLIDES" format="default" sectionFormat="of" derivedContent="CFRGSLIDES"/>.</t>
      <t indent="0" pn="section-2-2">In 2024, NIST released standards for <xref target="ML-KEM" format="default" sectionFormat="of" derivedContent="ML-KEM"/>, <xref target="ML-DSA" format="default" sectionFormat="of" derivedContent="ML-DSA"/>, and <xref target="SLH-DSA" format="default" sectionFormat="of" derivedContent="SLH-DSA"/>.
Many other countries and organizations are publishing their roadmaps,
including the multi-national standards organization ETSI <xref target="ETSI" format="default" sectionFormat="of" derivedContent="ETSI"/>.</t>
      <t indent="0" pn="section-2-3">While the industry was waiting for NIST to finish standardization, the
IETF has had several efforts underway.
A working group was formed in early 2023 to work on the use of Post-Quantum Cryptography (PQC) in IETF protocols
<xref target="PQUIPWG" format="default" sectionFormat="of" derivedContent="PQUIPWG"/>.
Several other working groups, including TLS <xref target="TLSWG" format="default" sectionFormat="of" derivedContent="TLSWG"/>,
are working on
specifications to support hybrid algorithms and identifiers, for use during a
transition from classic to a post-quantum world.</t>
      <t indent="0" pn="section-2-4">It is important to note that effort within the TLS Working Group is  focused exclusively on TLS 1.3 or later.
Put bluntly, PQC for
TLS 1.2 will not be specified (see <xref target="iana" format="default" sectionFormat="of" derivedContent="Section 4"/>) at any time; anyone wishing
to deploy PQC should expect to use TLS 1.3.</t>
    </section>
    <section anchor="security-considerations" numbered="true" removeInRFC="false" toc="include" pn="section-3">
      <name slugifiedName="name-security-considerations">Security Considerations</name>
      <t indent="0" pn="section-3-1">This entire document is about security and provides post-quantum security concerns
as an additional reason to upgrade to TLS 1.3.</t>
    </section>
    <section anchor="iana" numbered="true" removeInRFC="false" toc="include" pn="section-4">
      <name slugifiedName="name-iana-considerations">IANA Considerations</name>
      <t indent="0" pn="section-4-1">No TLS registries <xref target="RFC9847" format="default" sectionFormat="of" derivedContent="TLS13REG"/> are being closed by this document.
Rather, this document modifies the instructions to IANA and the TLS
Designated Experts to constrain the type of entries that can be added to existing
registries.</t>
      <t indent="0" pn="section-4-2">This document does not introduce any new limitations on the registrations for either of
the following two registries:</t>
      <ul spacing="normal" bare="false" empty="false" indent="3" pn="section-4-3">
        <li pn="section-4-3.1">
          <t indent="0" pn="section-4-3.1.1">TLS Application-Layer Protocol Negotiation (ALPN) Protocol IDs</t>
        </li>
        <li pn="section-4-3.2">
          <t indent="0" pn="section-4-3.2.1">TLS Exporter Labels</t>
        </li>
      </ul>
      <t indent="0" pn="section-4-4">The following note has been added to the other TLS registries:</t>
      <blockquote pn="section-4-5">
        <t indent="0" pn="section-4-5.1">Any TLS entry added after the IESG approves publication of RFC 9851
      is intended for TLS 1.3 or later, and makes no similar requirement on
      DTLS.  Such entries should have an informal indication like "For TLS 1.3
      or later" in that entry, such as the "Comment" column.</t>
      </blockquote>
      <t indent="0" pn="section-4-6">At the time of publication, the note has been added to the following TLS registries:</t>
      <ul spacing="normal" bare="false" empty="false" indent="3" pn="section-4-7">
        <li pn="section-4-7.1">
          <t indent="0" pn="section-4-7.1.1">TLS Alerts</t>
        </li>
        <li pn="section-4-7.2">
          <t indent="0" pn="section-4-7.2.1">TLS Authorization Data Formats</t>
        </li>
        <li pn="section-4-7.3">
          <t indent="0" pn="section-4-7.3.1">TLS CachedInformationType Values</t>
        </li>
        <li pn="section-4-7.4">
          <t indent="0" pn="section-4-7.4.1">TLS Certificate Compression Algorithm IDs</t>
        </li>
        <li pn="section-4-7.5">
          <t indent="0" pn="section-4-7.5.1">TLS Certificate Status Types</t>
        </li>
        <li pn="section-4-7.6">
          <t indent="0" pn="section-4-7.6.1">TLS Certificate Types</t>
        </li>
        <li pn="section-4-7.7">
          <t indent="0" pn="section-4-7.7.1">TLS Cipher Suites</t>
        </li>
        <li pn="section-4-7.8">
          <t indent="0" pn="section-4-7.8.1">TLS ClientCertificateType Identifiers</t>
        </li>
        <li pn="section-4-7.9">
          <t indent="0" pn="section-4-7.9.1">TLS ContentType</t>
        </li>
        <li pn="section-4-7.10">
          <t indent="0" pn="section-4-7.10.1">TLS EC Curve Types</t>
        </li>
        <li pn="section-4-7.11">
          <t indent="0" pn="section-4-7.11.1">TLS EC Point Formats</t>
        </li>
        <li pn="section-4-7.12">
          <t indent="0" pn="section-4-7.12.1">TLS ExtensionType Values</t>
        </li>
        <li pn="section-4-7.13">
          <t indent="0" pn="section-4-7.13.1">TLS HandshakeType</t>
        </li>
        <li pn="section-4-7.14">
          <t indent="0" pn="section-4-7.14.1">TLS HashAlgorithm</t>
        </li>
        <li pn="section-4-7.15">
          <t indent="0" pn="section-4-7.15.1">TLS Heartbeat Message Types</t>
        </li>
        <li pn="section-4-7.16">
          <t indent="0" pn="section-4-7.16.1">TLS Heartbeat Modes</t>
        </li>
        <li pn="section-4-7.17">
          <t indent="0" pn="section-4-7.17.1">TLS KDF Identifiers</t>
        </li>
        <li pn="section-4-7.18">
          <t indent="0" pn="section-4-7.18.1">TLS PskKeyExchangeMode</t>
        </li>
        <li pn="section-4-7.19">
          <t indent="0" pn="section-4-7.19.1">TLS SignatureAlgorithm</t>
        </li>
        <li pn="section-4-7.20">
          <t indent="0" pn="section-4-7.20.1">TLS SignatureScheme</t>
        </li>
        <li pn="section-4-7.21">
          <t indent="0" pn="section-4-7.21.1">TLS Supplemental Data Formats (SupplementalDataType)</t>
        </li>
        <li pn="section-4-7.22">
          <t indent="0" pn="section-4-7.22.1">TLS Supported Groups</t>
        </li>
        <li pn="section-4-7.23">
          <t indent="0" pn="section-4-7.23.1">TLS UserMappingType Values</t>
        </li>
      </ul>
      <t indent="0" pn="section-4-8">Any TLS registry created after this document is approved for publication
should indicate whether the actions defined here are applicable.</t>
    </section>
  </middle>
  <back>
    <displayreference target="RFC5246" to="TLS12"/>
    <displayreference target="RFC9846" to="TLS13"/>
    <displayreference target="RFC9847" to="TLS13REG"/>
    <references anchor="sec-combined-references" pn="section-5">
      <name slugifiedName="name-references">References</name>
      <references anchor="sec-normative-references" pn="section-5.1">
        <name slugifiedName="name-normative-references">Normative References</name>
        <reference anchor="RFC5246" target="https://www.rfc-editor.org/info/rfc5246" quoteTitle="true" derivedAnchor="TLS12">
          <front>
            <title>The Transport Layer Security (TLS) Protocol Version 1.2</title>
            <author fullname="T. Dierks" initials="T." surname="Dierks"/>
            <author fullname="E. Rescorla" initials="E." surname="Rescorla"/>
            <date month="August" year="2008"/>
            <abstract>
              <t indent="0">This document specifies Version 1.2 of the Transport Layer Security (TLS) protocol. The TLS protocol provides communications security over the Internet. The protocol allows client/server applications to communicate in a way that is designed to prevent eavesdropping, tampering, or message forgery. [STANDARDS-TRACK]</t>
            </abstract>
          </front>
          <seriesInfo name="RFC" value="5246"/>
          <seriesInfo name="DOI" value="10.17487/RFC5246"/>
        </reference>
        <reference anchor="RFC9846" target="https://www.rfc-editor.org/info/rfc9846" quoteTitle="true" derivedAnchor="TLS13">
          <front>
            <title>The Transport Layer Security (TLS) Protocol Version 1.3</title>
            <author fullname="E. Rescorla" initials="E." surname="Rescorla"/>
            <date month="July" year="2026"/>
            <abstract>
              <t indent="0">This document specifies version 1.3 of the Transport Layer Security (TLS) protocol. TLS allows client/server applications to communicate over the Internet in a way that is designed to prevent eavesdropping, tampering, and message forgery.</t>
              <t indent="0">This document obsoletes RFC 8446, which specified TLS 1.3. This document obsoletes RFC 5246 (specifying TLS 1.2) and RFCs 5077, 6961, 7627, and 8422, all of which pertain to TLS 1.2 or earlier, and updates RFCs 5705 and 6066. This document also specifies new requirements for TLS 1.2 implementations.</t>
            </abstract>
          </front>
          <seriesInfo name="RFC" value="9846"/>
          <seriesInfo name="DOI" value="10.17487/RFC9846"/>
        </reference>
        <reference anchor="RFC9847" target="https://www.rfc-editor.org/info/rfc9847" quoteTitle="true" derivedAnchor="TLS13REG">
          <front>
            <title>IANA Registry Updates for TLS and DTLS</title>
            <author fullname="J. Salowey" initials="J." surname="Salowey"/>
            <author fullname="S. Turner" initials="S." surname="Turner"/>
            <date month="December" year="2025"/>
            <abstract>
              <t indent="0">This document updates the changes to the TLS and DTLS IANA registries made in RFC 8447. It adds a new value, "D" for discouraged, to the "Recommended" column of the selected TLS registries and adds a "Comment" column to all active registries that do not already have a "Comment" column. Finally, it updates the registration request instructions.</t>
              <t indent="0">This document updates RFC 8447.</t>
            </abstract>
          </front>
          <seriesInfo name="RFC" value="9847"/>
          <seriesInfo name="DOI" value="10.17487/RFC9847"/>
        </reference>
      </references>
      <references anchor="sec-informative-references" pn="section-5.2">
        <name slugifiedName="name-informative-references">Informative References</name>
        <reference anchor="CFRGSLIDES" target="https://www.ietf.org/proceedings/95/slides/slides-95-cfrg-4.pdf" quoteTitle="true" derivedAnchor="CFRGSLIDES">
          <front>
            <title>Post Quantum Secure Cryptography Discussion</title>
            <author initials="D." surname="McGrew" fullname="David McGrew">
              <organization showOnFrontPage="true"/>
            </author>
            <date month="April" year="2016"/>
          </front>
          <refcontent>IETF 95 Proceedings</refcontent>
        </reference>
        <reference anchor="ETSI" target="https://www.etsi.org/deliver/etsi_tr/103600_103699/103619/01.01.01_60/tr_103619v010101p.pdf" quoteTitle="true" derivedAnchor="ETSI">
          <front>
            <title>CYBER; Migration strategies and recommendations to Quantum Safe schemes</title>
            <author>
              <organization abbrev="ETSI" showOnFrontPage="true">European Telecommunications Standards Institute</organization>
            </author>
            <date month="July" year="2020"/>
          </front>
          <seriesInfo name="ETSI TR" value="103 619"/>
          <refcontent>Version 1.1.1</refcontent>
        </reference>
        <reference anchor="ML-DSA" target="https://csrc.nist.gov/pubs/fips/204/final" quoteTitle="true" derivedAnchor="ML-DSA">
          <front>
            <title>Module-Lattice-Based Digital Signature Standard</title>
            <author>
              <organization abbrev="NIST" showOnFrontPage="true">National Institute of Standards and Technology</organization>
            </author>
            <date month="August" year="2024"/>
          </front>
          <seriesInfo name="NIST FIPS" value="204"/>
          <seriesInfo name="DOI" value="10.6028/NIST.FIPS.204"/>
        </reference>
        <reference anchor="ML-KEM" target="https://csrc.nist.gov/pubs/fips/203/final" quoteTitle="true" derivedAnchor="ML-KEM">
          <front>
            <title>Module-Lattice-Based Key-Encapsulation Mechanism Standard</title>
            <author>
              <organization abbrev="NIST" showOnFrontPage="true">National Institute of Standards and Technology</organization>
            </author>
            <date month="August" year="2024"/>
          </front>
          <seriesInfo name="NIST FIPS" value="203"/>
          <seriesInfo name="DOI" value="10.6028/NIST.FIPS.203"/>
        </reference>
        <reference anchor="PQC" target="https://csrc.nist.gov/projects/post-quantum-cryptography" quoteTitle="true" derivedAnchor="PQC">
          <front>
            <title>Post-Quantum Cryptography (PQC)</title>
            <author>
              <organization showOnFrontPage="true">NIST</organization>
            </author>
            <date year="2017" month="January"/>
          </front>
        </reference>
        <reference anchor="PQUIPWG" target="https://datatracker.ietf.org/wg/pquip/about/" quoteTitle="true" derivedAnchor="PQUIPWG">
          <front>
            <title>Post-Quantum Use in Protocols</title>
            <author>
              <organization showOnFrontPage="true">IETF</organization>
            </author>
          </front>
        </reference>
        <reference anchor="SLH-DSA" target="https://csrc.nist.gov/pubs/fips/205/final" quoteTitle="true" derivedAnchor="SLH-DSA">
          <front>
            <title>Stateless Hash-Based Digital Signature Standard</title>
            <author>
              <organization abbrev="NIST" showOnFrontPage="true">National Institute of Standards and Technology</organization>
            </author>
            <date month="August" year="2024"/>
          </front>
          <seriesInfo name="NIST FIPS" value="205"/>
          <seriesInfo name="DOI" value="10.6028/NIST.FIPS.205"/>
        </reference>
        <reference anchor="TLSWG" target="https://datatracker.ietf.org/wg/tls/about/" quoteTitle="true" derivedAnchor="TLSWG">
          <front>
            <title>Transport Layer Security</title>
            <author>
              <organization showOnFrontPage="true">IETF</organization>
            </author>
          </front>
        </reference>
      </references>
    </references>
    <section numbered="false" anchor="acknowledgments" removeInRFC="false" toc="include" pn="section-appendix.a">
      <name slugifiedName="name-acknowledgments">Acknowledgments</name>
      <t indent="0" pn="section-appendix.a-1">We gratefully acknowledge <contact fullname="Amanda Baber"/>, <contact fullname="David Dong"/>, and <contact fullname="Sabrina Tanamal"/>
of IANA for their help in revising and clarifying <xref target="iana" format="default" sectionFormat="of" derivedContent="Section 4"/>.</t>
    </section>
    <section anchor="authors-addresses" numbered="false" removeInRFC="false" toc="include" pn="section-appendix.b">
      <name slugifiedName="name-authors-addresses">Authors' Addresses</name>
      <author fullname="Rich Salz">
        <organization showOnFrontPage="true">Akamai Technologies</organization>
        <address>
          <email>rsalz@akamai.com</email>
        </address>
      </author>
      <author fullname="Nimrod Aviram">
        <organization showOnFrontPage="true"/>
        <address>
          <email>nimrod.aviram@gmail.com</email>
        </address>
      </author>
    </section>
  </back>
</rfc>
