TLS specifications: Difference between revisions
From FileZilla Wiki
m (→See also) |
|||
Line 20: | Line 20: | ||
:Lots of FTP servers did not follow the specifications and were vulnerable to truncation attacks. FileZilla will properly fail transfers on those servers. | :Lots of FTP servers did not follow the specifications and were vulnerable to truncation attacks. FileZilla will properly fail transfers on those servers. | ||
Whoa, whoa, get out the way with that good inforamtion. | |||
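Review bot: the line added after the truncation-attack note at Line 20, "Whoa, whoa, get out the way with that good inforamtion.", says nothing about TLS, close_notify or FTPS and misspells "information". It reads as a stray comment rather than article text, so the revision should be reverted and the "Points of interest" list left ending at the FileZilla sentence.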
Revision as of 03:48, 23 September 2011
The Transport Layer Security (TLS) protocol is used to cryptographically protect a socket connection. It is the successor of the Secure Sockets Layer (SSL) protocol. TLS is used by the FTP over TLS/SSL (FTPS) protocol.
Technical Specifications
- SSLv3 draft (obsolete)
- RFC 2246 "TLS 1.0"
- RFC 4346 "TLS 1.1"
Points of interest
- Section 7.2.1. of RFC 2246: Closure alerts
The client and the server must share knowledge that the connection is ending in order to avoid a truncation attack. Either party may initiate the exchange of closing messages. [...] Each party is required to send a close_notify alert before closing the write side of the connection.
- Lots of FTP servers did not follow the specifications and were vulnerable to truncation attacks. FileZilla will properly fail transfers on those servers.
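The closure-alert rule quoted above, shown as a client-side check. This is an added example, not FileZilla's code: it uses Python's standard `ssl` module, and `TruncatedTransfer`, `wrap_data_connection`, `receive_file` and `ScriptedSocket` are hypothetical names. `ScriptedSocket` is a constructed stand-in for a TLS socket so the check runs offline.

```python
import ssl

class TruncatedTransfer(Exception):
    """The TCP stream ended without a TLS close_notify alert."""

def wrap_data_connection(raw_sock, context, server_hostname):
    # By default SSLSocket.recv() reports an abrupt EOF as b"", exactly like
    # a clean close. suppress_ragged_eofs=False makes it raise instead, so
    # the two cases can be told apart.
    return context.wrap_socket(raw_sock, server_hostname=server_hostname,
                               suppress_ragged_eofs=False)

def receive_file(tls_sock, chunk_size=16384):
    """Read until the peer closes; return the data only after a clean close."""
    chunks = []
    while True:
        try:
            chunk = tls_sock.recv(chunk_size)
        except ssl.SSLEOFError as exc:
            # EOF with no close_notify: the file may be incomplete, so the
            # transfer fails instead of being reported as finished.
            got = sum(len(c) for c in chunks)
            raise TruncatedTransfer(
                f"EOF without close_notify after {got} bytes") from exc
        if chunk == b"":
            # close_notify received: the sender really finished.
            return b"".join(chunks)
        chunks.append(chunk)

class ScriptedSocket:
    """Constructed test double: replays chunks, then closes cleanly or not."""
    def __init__(self, chunks, clean_close):
        self._chunks = list(chunks)
        self._clean_close = clean_close

    def recv(self, _size):
        if self._chunks:
            return self._chunks.pop(0)
        if self._clean_close:
            return b""
        raise ssl.SSLEOFError(ssl.SSL_ERROR_EOF, "EOF without close_notify")

if __name__ == "__main__":
    print(receive_file(ScriptedSocket([b"abc", b"def"], clean_close=True)))
    try:
        receive_file(ScriptedSocket([b"abc"], clean_close=False))
    except TruncatedTransfer as err:
        print("transfer failed:", err)
```

The check matters for FTPS because in FTP stream mode the end of a file is signalled only by the data connection closing, so a forged TCP close would otherwise look like a finished transfer.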
Whoa, whoa, get out the way with that good information.