7 results
Number | Files | Title | Authors | Date | More Info | Status |
---|---|---|---|---|---|---|
RFC 5746 | ASCII, PDF, HTML | Transport Layer Security (TLS) Renegotiation Indication Extension | E. Rescorla, M. Ray, S. Dispensa, N. Oskov | February 2010 | Updates RFC 5246, RFC 4366, RFC 4347, RFC 4346, RFC 2246 | Proposed Standard |
ABSTRACT | Secure Socket Layer (SSL) and Transport Layer Security (TLS) renegotiation are vulnerable to an attack in which the attacker forms a TLS connection with the target server, injects content of his choice, and then splices in a new TLS connection from a client. The server treats the client's initial TLS handshake as a renegotiation and thus believes that the initial data transmitted by the attacker is from the same entity as the subsequent client data. This specification defines a TLS extension to cryptographically tie renegotiations to the TLS connections they are being performed over, thus preventing this attack. [STANDARDS-TRACK] | |||||
KEYWORDS | [--------], ssl, secure socket layer | |||||
RFC 6101 | ASCII, PDF, HTML | The Secure Sockets Layer (SSL) Protocol Version 3.0 | A. Freier, P. Karlton, P. Kocher | August 2011 | Historic | |
ABSTRACT | This document is published as a historical record of the SSL 3.0 protocol. The original Abstract follows. This document specifies version 3.0 of the Secure Sockets Layer (SSL 3.0) protocol, a security protocol that provides communications privacy over the Internet. The protocol allows client/server applications to communicate in a way that is designed to prevent eavesdropping, tampering, or message forgery. This document defines a Historic Document for the Internet community. | |||||
KEYWORDS | Transport layer security | |||||
RFC 6176 | ASCII, PDF, HTML, HTML with inline errata | Prohibiting Secure Sockets Layer (SSL) Version 2.0 | S. Turner, T. Polk | March 2011 | Errata, Updates RFC 2246, RFC 4346, RFC 5246, Updated by RFC 8996 | Proposed Standard |
ABSTRACT | This document requires that when Transport Layer Security (TLS) clients and servers establish connections, they never negotiate the use of Secure Sockets Layer (SSL) version 2.0. This document updates the backward compatibility sections found in the Transport Layer Security (TLS). [STANDARDS-TRACK] | |||||
KEYWORDS | [--------] | |||||
RFC 7457 | ASCII, PDF, HTML, HTML with inline errata | Summarizing Known Attacks on Transport Layer Security (TLS) and Datagram TLS (DTLS) | Y. Sheffer, R. Holz, P. Saint-Andre | February 2015 | Errata | Informational |
ABSTRACT | Over the last few years, there have been several serious attacks on Transport Layer Security (TLS), including attacks on its most commonly used ciphers and modes of operation. This document summarizes these attacks, with the goal of motivating generic and protocol-specific recommendations on the usage of TLS and Datagram TLS (DTLS). | |||||
KEYWORDS | Transport Layer Security, TLS, Datagram TLS, DTLS, Secure Sockets Layer, SSL, security attacks | |||||
RFC 7525 | ASCII, PDF, HTML, HTML with inline errata | Recommendations for Secure Use of Transport Layer Security (TLS) and Datagram Transport Layer Security (DTLS) | Y. Sheffer, R. Holz, P. Saint-Andre | May 2015 | Errata, Obsoleted by RFC 9325, Updated by RFC 8996 | Best Current Practice |
ABSTRACT | Transport Layer Security (TLS) and Datagram Transport Layer Security (DTLS) are widely used to protect data exchanged over application protocols such as HTTP, SMTP, IMAP, POP, SIP, and XMPP. Over the last few years, several serious attacks on TLS have emerged, including attacks on its most commonly used cipher suites and their modes of operation. This document provides recommendations for improving the security of deployed services that use TLS and DTLS. The recommendations are applicable to the majority of use cases. | |||||
KEYWORDS | Transport Layer Security, TLS, DTLS, Secure Sockets Layer, SSL | |||||
RFC 7568 | ASCII, PDF, HTML | Deprecating Secure Sockets Layer Version 3.0 | R. Barnes, M. Thomson, A. Pironti, A. Langley | June 2015 | Errata, Updates RFC 5246, Updated by RFC 8996 | Proposed Standard |
ABSTRACT | The Secure Sockets Layer version 3.0 (SSLv3), as specified in RFC 6101, is not sufficiently secure. This document requires that SSLv3 not be used. The replacement versions, in particular, Transport Layer Security (TLS) 1.2 (RFC 5246), are considerably more secure and capable protocols. This document updates the backward compatibility section of RFC 5246 and its predecessors to prohibit fallback to SSLv3. | |||||
KEYWORDS | SSL, TLS, insecure, diediedie | |||||
RFC 7590 | ASCII, PDF, HTML | Use of Transport Layer Security (TLS) in the Extensible Messaging and Presence Protocol (XMPP) | P. Saint-Andre, T. Alkemade | June 2015 | Updates RFC 6120 | Proposed Standard |
ABSTRACT | This document provides recommendations for the use of Transport Layer Security (TLS) in the Extensible Messaging and Presence Protocol (XMPP). This document updates RFC 6120. | |||||
KEYWORDS | Extensible Messaging and Presence Protocol, XMPP, Jabber, Secure Sockets Layer, SSL, Transport Layer Security, TLS, instant messaging, presence, encryption, authentication |