{"draft":"draft-ietf-uta-tls-bcp-11","doc_id":"RFC7525","title":"Recommendations for Secure Use of Transport Layer Security (TLS) and Datagram Transport Layer Security (DTLS)","authors":["Y. Sheffer","R. Holz","P. Saint-Andre"],"format":["ASCII","HTML"],"page_count":"27","pub_status":"BEST CURRENT PRACTICE","status":"BEST CURRENT PRACTICE","source":"Using TLS in Applications APP","abstract":"Transport Layer Security (TLS) and Datagram Transport Layer Security\r\n(DTLS) are widely used to protect data exchanged over application\r\nprotocols such as HTTP, SMTP, IMAP, POP, SIP, and XMPP.  Over the\r\nlast few years, several serious attacks on TLS have emerged,\r\nincluding attacks on its most commonly used cipher suites and their\r\nmodes of operation.  This document provides recommendations for\r\nimproving the security of deployed services that use TLS and DTLS.\r\nThe recommendations are applicable to the majority of use cases.","pub_date":"May 2015","keywords":["Transport Layer Security","TLS","DTLS","Secure Sockets Layer","SSL"],"obsoletes":[],"obsoleted_by":["RFC9325"],"updates":[],"updated_by":["RFC8996"],"see_also":[],"doi":"10.17487\/RFC7525","errata_url":"https:\/\/www.rfc-editor.org\/errata\/rfc7525"}