Difference between revisions of "TLS specifications"

From FileZilla Wiki
(Undo revision 10394 by CodeSquid (talk))
m (Reverted edits by Reinier (talk) to last revision by CodeSquid)
 
(19 intermediate revisions by 10 users not shown)
Line 1: Line 1:
Well, if you are -really- itrsneeted in what I am thinking, it would be nice if I could read and react about these things on the front page (or news page) of pear.php.net instead of finding out about this on a blog I just discovered through a 3rd party site. Tell me, where is that link from pear.php.net to this blog anyway? Thanks.
+
The ''Transport Layer Security'' (TLS) protocol gets used to cryptographically protect a socket connection. It is the successor of the ''Secure Sockets Layer'' (SSL) protocol. TLS gets used for the FTP over TLS/SSL (FTPS) protocol.
 +
 
 +
== Technical Specifications ==
 +
 
 +
* [https://filezilla-project.org/specs/draft_ssl_v3.txt SSLv3 draft] (obsolete)
 +
* [https://filezilla-project.org/specs/rfc2246.txt <nowiki>RFC 2246</nowiki>] "TLS 1.0"
 +
* [https://filezilla-project.org/specs/rfc4346.txt <nowiki>RFC 4346</nowiki>] "TLS 1.1"
 +
* [https://filezilla-project.org/specs/rfc5246.txt <nowiki>RFC 5246</nowiki>] "TLS 1.2"
 +
* [https://filezilla-project.org/specs/rfc7465.txt <nowiki>RFC 7465</nowiki>] "Prohibiting RC4 Cipher Suites"
 +
 
 +
=== Points of interest ===
 +
 
 +
* Section 7.2.1. of RFC 2246: Closure alerts<br />
 +
<blockquote><pre>The client and the server must share knowledge that the connection is
 +
ending in order to avoid a truncation attack. Either party may
 +
initiate the exchange of closing messages.
 +
[...]
 +
Each party is required to send a close_notify alert before closing
 +
the write side of the connection.
 +
</pre></blockquote>
 +
 
 +
:Lots of FTP servers did not follow the specifications and were vulnerable to truncation attacks. FileZilla will properly fail transfers on those servers.
 +
 
 +
== See also ==
 +
 
 +
* [[File Transfer Protocol|FTP specifications]]
 +
* [[Other specifications]]
 +
* [[SFTP specifications]]
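Review bot: In "Points of interest", the closure-alert requirement is quoted only from Section 7.2.1 of RFC 2246, while the list above also links RFC 4346 and RFC 5246, so a reader cannot tell from this entry whether the point applies to TLS 1.1 and 1.2 as well. Suggest adding the corresponding section references or stating that the quote is the TLS 1.0 text. The follow-up line "Lots of FTP servers did not follow the specifications" would also be easier to act on if it named the missing behaviour, which per the quote is sending close_notify before closing the write side.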

Latest revision as of 12:28, 2 December 2017

The Transport Layer Security (TLS) protocol is used to cryptographically protect a socket connection. It is the successor to the Secure Sockets Layer (SSL) protocol. FTP over TLS/SSL (FTPS) uses TLS.

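Technical Specifications

  • SSLv3 draft (obsolete)
  • RFC 2246 "TLS 1.0"
  • RFC 4346 "TLS 1.1"
  • RFC 5246 "TLS 1.2"
  • RFC 7465 "Prohibiting RC4 Cipher Suites"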

Points of interest

  • Section 7.2.1. of RFC 2246: Closure alerts

        The client and the server must share knowledge that the connection is
        ending in order to avoid a truncation attack. Either party may
        initiate the exchange of closing messages.
        [...]
        Each party is required to send a close_notify alert before closing
        the write side of the connection.

    Many FTP servers did not follow the specification and were therefore vulnerable to truncation attacks. FileZilla will properly fail transfers on those servers.
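
An added example (not FileZilla's code and not part of the original page) of the check the closure-alert rule makes possible: a receiver that accepts a transfer only if close_notify arrives before the end of the stream. It assumes the records have already had their protection removed by the TLS layer; the helper names and sample payloads are constructed for illustration.

```python
import struct

ALERT, APPLICATION_DATA = 21, 23   # TLS ContentType values
CLOSE_NOTIFY = 0                   # AlertDescription value for close_notify


def record(content_type, payload, version=(3, 1)):
    """Build one unprotected TLS record; version (3, 1) is TLS 1.0."""
    return struct.pack("!BBBH", content_type, *version, len(payload)) + payload


def receive(stream):
    """Parse records up to EOF and return (data, clean).

    clean is True only when a close_notify alert arrived before the
    stream ended; every other way of reaching EOF counts as truncation.
    """
    data, pos = bytearray(), 0
    while pos < len(stream):
        if len(stream) - pos < 5:
            return bytes(data), False          # EOF inside a record header
        ctype, _major, _minor, length = struct.unpack_from("!BBBH", stream, pos)
        body = stream[pos + 5:pos + 5 + length]
        if len(body) < length:
            return bytes(data), False          # EOF inside a record body
        pos += 5 + length
        if ctype == APPLICATION_DATA:
            data += body
        elif ctype == ALERT:
            # Alert body is (level, description); only close_notify is a clean end.
            return bytes(data), len(body) == 2 and body[1] == CLOSE_NOTIFY
    return bytes(data), False                  # connection closed, no close_notify


# Constructed sample: a two-record file transfer on an FTPS data connection.
PART1 = record(APPLICATION_DATA, b"line 1\n")
PART2 = record(APPLICATION_DATA, b"line 2\n")
CLOSE = record(ALERT, bytes([1, CLOSE_NOTIFY]))   # level 1 = warning

COMPLIANT = PART1 + PART2 + CLOSE   # server sends close_notify, then closes
CUT_SHORT = PART1                   # connection torn down after the first record
NO_ALERT = PART1 + PART2            # server closes without close_notify

if __name__ == "__main__":
    for name, stream in [("compliant", COMPLIANT), ("cut short", CUT_SHORT),
                         ("no alert", NO_ALERT)]:
        data, clean = receive(stream)
        print(f"{name:10} bytes={len(data):2} ->", "ok" if clean else "fail transfer")
```

CUT_SHORT and NO_ALERT both end on a record boundary, so without the alert a receiver cannot tell a server that skips close_notify from a truncated transfer, which is why the transfer has to fail in both cases.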

See also

  • FTP specifications
  • Other specifications
  • SFTP specifications