This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthor

Only authorized users are allowed to rename pages.

Only authorized users are allowed to delete pages.

Page revision history

Version Date Modified Size Author Changes ... Change note

Page References

Incoming links Outgoing links
Deprecating Secure Sockets Layer Version 3.0
Deprecating Secure Sockets Layer Version 3.0

Version management

Difference between version and

At line 1 added 21 lines
!!! Overview
[{$pagename}] ([RFC 7568]) was released in [1996|Year 1996], the [SSLv3] protocol [RFC 6101] has been subject to a long series of [attacks], both on its [key-Exchange] mechanism and on the [encryption] schemes it supports.
Despite being replaced by:
* [TLS 1.0] [RFC 2246] in [1999|Year 1999]
* [TLS 1.1] in [2002|Year 2002] [RFC 4346]
* [TLS 1.2] in [2006|Year 2006] [RFC 5246]
availability of these replacement versions has not been universal. As a result, many implementations of [TLS] have permitted the negotiation of [SSLv3].
The predecessor of [SSLv3], [SSL version 2|SSLv2], is no longer considered sufficiently secure [RFC 6176]. [SSLv3] now follows.
!! 3. Do Not Use SSL Version 3.0
[SSLv3] [MUST NOT] be used. Negotiation of [SSLv3] from any version of [TLS] [MUST NOT] be permitted.
Any version of [TLS] is more secure than [SSLv3], though the highest version available is preferable.
Pragmatically, clients [MUST NOT] send a [ClientHello] with [ClientHello].client_version set to {03,00}. Similarly, servers [MUST NOT] send a [ServerHello] with [ServerHello].server_version set to {03,00}. Any party receiving a Hello message with the [protocol] version set to {03,00} [MUST] respond with a "protocol_version" alert message and close the connection.
!! More Information
There might be more information for this subject on one of the following:
[{ReferringPagesPlugin before='*' after='\n' }]
This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthorTop