Overview#
TLS is an Abbreviation of Transport Layer Security.The term "Implicit TLS" refers to the automatic negotiation of TLS whenever a TCP connection is made on a particular TCP port that is used exclusively by that server for TLS connections.
The term "Implicit TLS" is intended to contrast with the use of StartTLS and similar commands in POP, IMAP, SMTP, LDAP Message Submission, and other protocols, that are used by the client and the server to explicitly negotiate Transport Layer Security on an established cleartext TCP connection.
Due to StartTLS Implementation Vulnerabilities lead Ldapwiki Preferring Implicit TLS on its own ports
More Information#
There might be more information for this subject on one of the following:- AES-GCM
- API-Gateway
- Application-Layer Protocol Negotiation
- Application_data
- Authenticated Protected Channel
- Authorization API
- Authorization Request
- Authorization_endpoint
- Automatic Certificate Management Environment
- BEAST
- Best Practices Remote Loader
- Best Practices for LDAP Security
- Binding
- CRAM-MD5
- CSRF Token
- Camellia
- Certificate Keystores
- Certificate Level Of Assurance
- Certificate Transparency
- Certificate Validation Tools
- Certificate-based Authentication
- CertificateRequest
- CertificateVerify
- Certificate_list
- Certification Authority Browser Forum
- Channel Binding
- Channel Bindings for TLS
- Cipher Block Chaining
- Cipher Suite
- ClientHello
- ClientKeyExchange
- Connection-Oriented Media Transport over the Transport Layer Security (TLS) Protocol in the Session Description Protocol (SDP)
- CredSSP
- DIAMETER
- DNS over HTTPS
- DNS over TLS
- DNS-Based Authentication of Named Entities
- Data In Transit
- DataEncipherment
- Deprecating Secure Sockets Layer Version 3.0
- Deprecating TLSv1.0 and TLSv1.1
- Derive the Master Secret
- Differences between LDAP 2 and 3 Protocols
- Diffie-Hellman Ephemeral
- Diffie-Hellman key-exchange
- Diffie-Hellman or RSA
- EDirectory TLS
- Enable UserPassword in Microsoft Active Directory
- Encrypted Server Name Indication
- EncryptedPreMasterSecret
- End-to-end Encryption
- Extended Protection for Authentication
- FREAK
- Federated Authorization for UMA 2.0
- Glossary Of LDAP And Directory Terminology
- HTTP Over TLS
- HTTPS
- Heartbeat Protocol
- Heartbleed
- How SSL-TLS Works
- How To Crack SSL-TLS
- How to get OpenSSL to recognise an Active Directory CA
- Hybrid cryptosystem
- IMessage
- Impersonation-resistant
- Importing Certificates In Imanager
- Internet Protocol Security
- Introspection_endpoint
- Issues and Requirements for SNI Encryption in TLS
- JWK Set
- Java KeyStore
- Key-Exchange
- KeyEncipherment
- Keyed-Hash Message Authentication Code
- Known Cipher Suites
- LDAP Protocol dependencies
- LDAP Result Codes
- LDAP Signing
- LDAPS
- LDAPServerIntegrity
- LDAP_SERVER_DOWN
- LDAP_STRONG_AUTH_REQUIRED
- LdapInterfaces
- Lets encrypt
- Lightweight Directory Access Protocol (LDAP) Authentication Methods and Security Mechanisms
- Logjam
- Lucky 13
- Macaroons
- Malicious PAC
- Man-In-The-Middle
- Master Secret
- Mutual TLS
- Mutual TLS Profiles for OAuth Clients
- Mutual TLS Sender Constrained Resources Access
- NICI
- NIST.SP.800-52
- NIST.SP.800-57
- NT LAN Manager Vulnerabilities
- Ndsconfig Parameters
- Ndstrace
- Netlogon service
- Network Security Services
- Novell International Cryptographic Infrastructure
- OAuth 2.0 Bearer Token Usage
- OAuth 2.0 Dynamic Client Registration Management Protocol
- OAuth 2.0 JWT Secured Authorization Request
- OAuth 2.0 Message Authentication Code (MAC) Tokens
- OAuth 2.0 Mutual TLS Client Authentication and Certificate Bound Access Tokens
- OAuth 2.0 Security Best Current Practice
- OAuth 2.0 Security Considerations
- OAuth 2.0 Vulnerabilities
- OAuth Token Request
- OpenID Connect Federation
- OpenID Provider Issuer Discovery
- Opportunistic TLS
- PCI Data Security Standard v3.1
- PCI Data Security Standard v3.2
- PCI Data Security Standard v3.2.1
- Payment Card Industry Data Security Standard
- Pre-Shared Key Ciphersuites for Transport Layer Security (TLS)
- Prohibiting RC4 Cipher Suites
- Prohibiting Secure Sockets Layer (SSL) Version 2.0
- Protected Extensible Authentication Protocol
- Protection API
- Protocol ossification
- Public Wi-Fi
- Quick UDP Internet Connections
- RC4
- RFC 2817
- RFC 4217
- RFC 4492
- RFC 5246
- RFC 5489
- RFC 5705
- RFC 6125
- RFC 6460
- RFC 6698
- RFC 6961
- RFC 7301
- RFC 7672
- RFC 7817
- RFC 7858
- RFC 7919
- RFC 8446
- RFC 8447
- RFC-5288
- RSA key-exchange
- Recommendations for Secure Use of Transport Layer Security (TLS) and Datagram Transport Layer Security (DTLS)
- Record Protocol
- SASL
- SASL EXTERNAL
- SHA-1
- SSL Handshake Failed
- SSL Overhead
- SSL-TLS Interception
- SSLAndOurPrograms
- SSLv2
- SSLv3
- Salted Challenge Response Authentication Mechanism
- Schannel SSP
- Secure Socket Layer
- Secure connection
- Security Strength Factor
- Server Name Indication
- Server-side TLS configuration guide
- ServerCertificate
- ServerHello
- Session Initiation Protocol
- Sovrin
- StartTLS
- Supported Groups Registry
- Supported_versions
- TLS
- TLS 1.0
- TLS 1.1
- TLS 1.2
- TLS 1.3
- TLS 1.3 Cipher Suites
- TLS Alert Messages
- TLS Client Authentication
- TLS Compression
- TLS Fallback Signaling Cipher Suite Value (SCSV)
- TLS Handshake Message
- TLS Maturity Model
- TLS PRF
- TLS Protocol Limitations
- TLS Session Keys
- TLS User Mapping Extension
- TLS extension
- TLSA
- TLS_NULL_WITH_NULL_NULL
- Token Binding Protocol
- Token Binding over HTTP
- Token_endpoint
- Tomcat And SSL
- Toolbox
- Transport Layer Security
- Transport Layer Security (TLS) Renegotiation Indication Extension
- Triple DES
- Trust No One
- UnicodePwd
- User Datagram Protocol
- UserInfo Request
- UserInfo Response
- Userinfo_endpoint
- Using the Secure Remote Password (SRP) Protocol for TLS Authentication
- Web Blog_blogentry_271215_1
- Windows Authentication Package
