I-D Action: draft-pettersen-tls-version-rollback-removal-00.txt

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



A New Internet-Draft is available from the on-line Internet-Drafts directories.


	Title           : Managing and removing automatic version rollback in TLS Clients
	Author(s)       : Yngve N. Pettersen
	Filename        : draft-pettersen-tls-version-rollback-removal-00.txt
	Pages           : 6
	Date            : 2012-07-03

Abstract:
   Ever since vendors started deploying TLS 1.0 clients, these clients
   have had to handle server implementations that do not tolerate the
   TLS version supported by the client, usually by automatically
   signaling an older supported version instead.  Such version rollbacks
   represent a potential security hazard, if the older version should
   become vulnerable to attacks.  The same history repeated when TLS
   Extensions were introduced, as some servers would not negotiate with
   clients that sent these protocol extensions, forcing clients to
   reduce protocol functionality in order to maintain interoperability.

   This document outlines a procedure to help clients decide when they
   may use version rollback to maintain interoperability with legacy
   servers, under what conditions the clients should not allow version
   rollbacks, such as when the server has indicated support for the TLS
   Renegotiation Information extension.  The intention of this procedure
   is to limit the use of automatic version rollback to legacy servers
   and eventually eliminate its use.


The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-pettersen-tls-version-rollback-removal

There's also a htmlized version available at:
http://tools.ietf.org/html/draft-pettersen-tls-version-rollback-removal-00


Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/

_______________________________________________
I-D-Announce mailing list
I-D-Announce@ietf.org
https://www.ietf.org/mailman/listinfo/i-d-announce
Internet-Draft directories: http://www.ietf.org/shadow.html
or ftp://ftp.ietf.org/ietf/1shadow-sites.txt


[Index of Archives]     [IETF]     [IETF Discussion]     [Linux Kernel]

  Powered by Linux