RFC 7568

Deprecating Secure Sockets Layer Version 3.0, June 2015

File formats:
icon for text file icon for PDF icon for HTML
Status:
PROPOSED STANDARD
Updates:
RFC 5246
Updated by:
RFC 8996
Authors:
R. Barnes
M. Thomson
A. Pironti
A. Langley
Stream:
IETF
Source:
tls (sec)

Cite this RFC: TXT  |  XML  |   BibTeX

DOI:  https://doi.org/10.17487/RFC7568

Discuss this RFC: Send questions or comments to the mailing list tls@ietf.org

Other actions: View Errata  |  Submit Errata  |  Find IPR Disclosures from the IETF  |  View History of RFC 7568


Abstract

The Secure Sockets Layer version 3.0 (SSLv3), as specified in RFC 6101, is not sufficiently secure. This document requires that SSLv3 not be used. The replacement versions, in particular, Transport Layer Security (TLS) 1.2 (RFC 5246), are considerably more secure and capable protocols.

This document updates the backward compatibility section of RFC 5246 and its predecessors to prohibit fallback to SSLv3.


For the definition of Status, see RFC 2026.

For the definition of Stream, see RFC 8729.




Advanced Search