UNLIMITED FREE ACCESS TO THE WORLD'S BEST IDEAS

SUBMIT
Already an Engineering360 user? Log in.

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

Customize Your Engineering360 Experience

Finish!
Privacy Policy

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

IETF RFC 7633

X.509v3 Transport Layer Security (TLS) Feature Extension

active, Most Current
Buy Now
Organization: IETF
Publication Date: 1 October 2015
Status: active
Page Count: 11
scope:

The purpose of the TLS feature extension is to prevent downgrade attacks that are not otherwise prevented by the TLS protocol. In particular, the TLS feature extension may be used to mandate support for revocation checking features in the TLS protocol such as Online Certificate Status Protocol (OCSP) stapling. Informing clients that an OCSP status response will always be stapled permits an immediate failure in the case that the response is not stapled. This in turn prevents a denial-of-service attack that might otherwise be possible.

Document History

IETF RFC 7633
October 1, 2015
X.509v3 Transport Layer Security (TLS) Feature Extension
The purpose of the TLS feature extension is to prevent downgrade attacks that are not otherwise prevented by the TLS protocol. In particular, the TLS feature extension may be used to mandate support...

References

Advertisement