TLS specifications: Difference between revisions
From FileZilla Wiki
(Undo revision 18559 by 96.8.88.10 (talk)) |
Bevmorguson (talk | contribs) |
||
Line 11: | Line 11: | ||
* Section 7.2.1. of RFC 2246: Closure alerts<br /> | * Section 7.2.1. of RFC 2246: Closure alerts<br /> | ||
<blockquote><pre>The client and the server must share knowledge that the connection is | <blockquote><pre>The client and the server must share knowledge that the connection is | ||
ending in order to avoid a truncation attack. Either party may | ending in order to avoid a truncation attack. [http://aresearchpaper.org/ research paper] Either party may | ||
initiate the exchange of closing messages. | initiate the exchange of closing messages. | ||
[...] | [...] |
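Review bot: the right-hand side of the line beginning "ending in order to avoid a truncation attack." inserts the wiki link [http://aresearchpaper.org/ research paper] into the middle of the blockquoted text of RFC 2246 Section 7.2.1. The left-hand revision does not contain it, and the link sits inside what is presented as a verbatim quote from the specification, so the quote no longer matches its source. The insertion should be reverted so that the sentence reads as it does on the left-hand side.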
Revision as of 07:19, 24 October 2012
The Transport Layer Security (TLS) protocol is used to cryptographically protect a socket connection. It is the successor of the Secure Sockets Layer (SSL) protocol. TLS is used by the FTP over TLS/SSL (FTPS) protocol.
Technical Specifications
- SSLv3 draft (obsolete)
- RFC 2246 "TLS 1.0"
- RFC 4346 "TLS 1.1"
Points of interest
- Section 7.2.1. of RFC 2246: Closure alerts
The client and the server must share knowledge that the connection is ending in order to avoid a truncation attack. Either party may initiate the exchange of closing messages. [...] Each party is required to send a close_notify alert before closing the write side of the connection.
- Lots of FTP servers did not follow the specifications and were vulnerable to truncation attacks. FileZilla will properly fail transfers on those servers.
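The closure rule above, seen from the receiving side, as an added Python example (not FileZilla's code): a transfer is accepted only if the stream ends with close_notify, and a bare TCP EOF fails it. The names `wrap_strict`, `receive_file`, `TruncatedTransfer` and `ScriptedSocket` are hypothetical, and the scripted socket is a constructed stand-in for a real TLS data connection.

```python
import ssl

class TruncatedTransfer(Exception):
    """The peer's TCP stream ended without a TLS close_notify alert."""

def wrap_strict(ctx, sock, hostname):
    # Python's default (suppress_ragged_eofs=True) reports a bare TCP EOF as
    # b"", the same value recv() returns after a real close_notify, so a
    # truncated stream would look like a complete one. Turn that off.
    return ctx.wrap_socket(sock, server_hostname=hostname,
                           suppress_ragged_eofs=False)

def receive_file(tls_sock, bufsize=16384):
    """Read until the peer closes; accept the data only after close_notify."""
    chunks = []
    while True:
        try:
            data = tls_sock.recv(bufsize)
        except ssl.SSLEOFError as exc:
            got = sum(len(c) for c in chunks)
            raise TruncatedTransfer(
                f"EOF without close_notify after {got} bytes") from exc
        if not data:  # b"" on a strict socket means close_notify arrived
            return b"".join(chunks)
        chunks.append(data)

class ScriptedSocket:
    """Constructed stand-in for an SSLSocket: replays scripted recv() results."""
    def __init__(self, script):
        self._script = list(script)

    def recv(self, bufsize):
        item = self._script.pop(0)
        if isinstance(item, Exception):
            raise item
        return item

def demo():
    eof = ssl.SSLEOFError(ssl.SSL_ERROR_EOF, "EOF occurred in violation of protocol")
    # Constructed case 1: two data chunks, then a clean close_notify.
    clean = receive_file(ScriptedSocket([b"part1,", b"part2", b""]))
    # Constructed case 2: the connection is cut after the first chunk.
    try:
        receive_file(ScriptedSocket([b"part1,", eof]))
        cut = "accepted"
    except TruncatedTransfer as exc:
        cut = str(exc)
    return clean, cut

if __name__ == "__main__":
    print(demo())
```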