[TLS] One approach to rollback protection
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[TLS] One approach to rollback protection
I've been doing some thinking about how to prevent rollback to
TLS 1.0/SSLv3 from TLS 1.1-capable agents.
Since there's very little deployment of TLS 1.1+, basically anything
we do now will roll out more or less in parallel with TLS 1.1 deployment,
as long as it's backward compatible.The obvious technique here is to
stuff the relevant indicator in the cipher suites list, since we know that
servers ignore unknown entries there.
I've taken an initial crack at a draft for this:
http://svn.resiprocate.org/rep/ietf-drafts/ekr/draft-rescorla-tls-version-cs.txt
-Ekr
Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.
