Difference between revisions of "TLS specifications"
From FileZilla Wiki
(18 intermediate revisions by 9 users not shown) | |||
Line 1: | Line 1: | ||
− | + | The ''Transport Layer Security'' (TLS) protocol gets used to cryptographically protect a socket connection. It is the successor of the ''Secure Sockets Layer'' (SSL) protocol. TLS gets used for the FTP over TLS/SSL (FTPS) protocol. | |
+ | |||
+ | == Technical Specifications == | ||
+ | |||
+ | * [https://filezilla-project.org/specs/draft_ssl_v3.txt SSLv3 draft] (obsolete) | ||
+ | * [https://filezilla-project.org/specs/rfc2246.txt <nowiki>RFC 2246</nowiki>] "TLS 1.0" | ||
+ | * [https://filezilla-project.org/specs/rfc4346.txt <nowiki>RFC 4346</nowiki>] "TLS 1.1" | ||
+ | * [https://filezilla-project.org/specs/rfc5246.txt <nowiki>RFC 5246</nowiki>] "TLS 1.2" | ||
+ | * [https://filezilla-project.org/specs/rfc7465.txt <nowiki>RFC 7465</nowiki>] "Prohibiting RC4 Cipher Suites" | ||
+ | |||
+ | === Points of interest === | ||
+ | |||
+ | * Section 7.2.1. of RFC 2246: Closure alerts<br /> | ||
+ | <blockquote><pre>The client and the server must share knowledge that the connection is | ||
+ | ending in order to avoid a truncation attack. Either party may | ||
+ | initiate the exchange of closing messages. | ||
+ | [...] | ||
+ | Each party is required to send a close_notify alert before closing | ||
+ | the write side of the connection. | ||
+ | </pre></blockquote> | ||
+ | |||
+ | :Lots of FTP servers did not follow the specifications and were vulnerable to truncation attacks. FileZilla will properly fail transfers on those servers. | ||
+ | |||
+ | == See also == | ||
+ | |||
+ | * [[File Transfer Protocol|FTP specifications]] | ||
+ | * [[Other specifications]] | ||
+ | * [[SFTP specifications]] |
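Review bot: In the added "Points of interest" text, the sentence "Lots of FTP servers did not follow the specifications" does not say which requirement was ignored. Since it sits directly under the Section 7.2.1 quote, name the requirement, for example "did not send the required close_notify alert", so the link to truncation attacks is explicit. The lead paragraph also uses "gets used" twice; "is used" reads better.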
Latest revision as of 12:28, 2 December 2017
The Transport Layer Security (TLS) protocol is used to cryptographically protect a socket connection. It is the successor to the Secure Sockets Layer (SSL) protocol. The FTP over TLS/SSL (FTPS) protocol uses TLS.
Technical Specifications
- SSLv3 draft (obsolete)
- RFC 2246 "TLS 1.0"
- RFC 4346 "TLS 1.1"
- RFC 5246 "TLS 1.2"
- RFC 7465 "Prohibiting RC4 Cipher Suites"
Points of interest
- Section 7.2.1. of RFC 2246: Closure alerts
    The client and the server must share knowledge that the connection is
    ending in order to avoid a truncation attack. Either party may
    initiate the exchange of closing messages.
    [...]
    Each party is required to send a close_notify alert before closing
    the write side of the connection.
  Many FTP servers did not follow the specification and were vulnerable to truncation attacks. FileZilla will properly fail transfers on those servers.
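The closure check described above, as an added example in Python (not FileZilla's code): a receiver that accepts a download only if the TLS session ended with close_notify. The names receive_all, scripted_peer, try_transfer and TruncatedTransfer are hypothetical, and scripted_peer is a constructed stand-in for a TLS data connection that mimics how ssl.SSLSocket.recv reports closure with and without suppress_ragged_eofs.

```python
import ssl

class TruncatedTransfer(Exception):
    """The data connection ended without a close_notify alert."""

def receive_all(recv, chunk=16384):
    """Return the payload only if the peer closed the TLS session cleanly.

    recv(n) is assumed to behave like ssl.SSLSocket.recv: b"" after the
    peer's close_notify, ssl.SSLEOFError when TCP ends without one
    (only raised if the socket was wrapped with suppress_ragged_eofs=False).
    """
    parts = []
    while True:
        try:
            data = recv(chunk)
        except ssl.SSLZeroReturnError:   # clean closure reported as an exception
            break
        except ssl.SSLEOFError as exc:   # TCP EOF with no close_notify
            got = sum(len(p) for p in parts)
            raise TruncatedTransfer(f"no close_notify after {got} bytes") from exc
        if not data:                     # clean closure reported as b""
            break
        parts.append(data)
    return b"".join(parts)

def scripted_peer(chunks, sends_close_notify, suppress_ragged_eofs=False):
    """Constructed stand-in for a TLS data connection (no network, no real TLS)."""
    queue = list(chunks)
    def recv(_n):
        if queue:
            return queue.pop(0)
        if sends_close_notify or suppress_ragged_eofs:
            return b""                   # a ragged EOF is hidden when suppressed
        raise ssl.SSLEOFError(ssl.SSL_ERROR_EOF, "EOF occurred in violation of protocol")
    return recv

def try_transfer(recv):
    """Return (ok, payload_or_reason) for one download attempt."""
    try:
        return True, receive_all(recv)
    except TruncatedTransfer as exc:
        return False, str(exc)

if __name__ == "__main__":
    blocks = [b"line 1\n", b"line 2\n"]  # constructed sample file contents
    print(try_transfer(scripted_peer(blocks, True)))        # complete file
    print(try_transfer(scripted_peer(blocks[:1], False)))   # truncation detected
    print(try_transfer(scripted_peer(blocks[:1], False, suppress_ragged_eofs=True)))
```

The third call shows why Python's default of suppress_ragged_eofs=True is unsuitable for FTPS data connections: the truncated file is indistinguishable from a complete one.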