UNLIMITED FREE
ACCESS TO THE WORLD'S BEST IDEAS

SUBMIT
Already a GlobalSpec user? Log in.

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

Customize Your GlobalSpec Experience

Select Your Free Newsletters

Industry Newsletters

Select Your Free Product Alerts

Finish!
Privacy Policy

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

IETF RFC 7568

Deprecating Secure Sockets Layer Version 3.0

active, Most Current
Buy Now
Organization: IETF
Publication Date: 1 June 2015
Status: active
Page Count: 7
scope:

The Secure Sockets Layer version 3.0 (SSLv3), as specified in RFC 6101, is not sufficiently secure. This document requires that SSLv3 not be used. The replacement versions, in particular, Transport Layer Security (TLS) 1.2 (RFC 5246), are considerably more secure and capable protocols.

This document updates the backward compatibility section of RFC 5246 and its predecessors to prohibit fallback to SSLv3.

Document History

IETF RFC 7568
June 1, 2015
Deprecating Secure Sockets Layer Version 3.0
The Secure Sockets Layer version 3.0 (SSLv3), as specified in RFC 6101, is not sufficiently secure. This document requires that SSLv3 not be used. The replacement versions, in particular, Transport...

References

This document references:
IETF RFC 5746 - Transport Layer Security (TLS) Renegotiation Indication Extension
Published by IETF on February 1, 2010
Introduction TLS [RFC5246] allows either the client or the server to initiate renegotiation -- a new handshake that establishes new cryptographic parameters. Unfortunately, although the new handshake...
This document references:
IETF RFC 6176 - Prohibiting Secure Sockets Layer (SSL) Version 2.0
Published by IETF on March 1, 2011
Abstract This document requires that when Transport Layer Security (TLS) clients and servers establish connections, they never negotiate the use of Secure Sockets Layer (SSL) version 2.0. This...
This document is referenced by:
IETF RFC 7627 - Transport Layer Security (TLS) Session Hash and Extended Master Secret Extension
Published by IETF on September 1, 2015
The Transport Layer Security (TLS) master secret is not cryptographically bound to important session parameters such as the server certificate. Consequently, it is possible for an active attacker to...
This document is referenced by:
IETF RFC 7925 - Transport Layer Security (TLS) / Datagram Transport Layer Security (DTLS) Profiles for the Internet of Things
Published by IETF on July 1, 2016
A common design pattern in Internet of Things (IoT) deployments is the use of a constrained device that collects data via sensors or controls actuators for use in home automation, industrial control...
View Less
View All
Advertisement