TLS及其扩展标准的编号整理
来源:互联网 发布:淘宝子账户怎么登录 编辑:程序博客网 时间:2024/04/29 05:44
转自:http://en.wikipedia.org/wiki/Transport_Layer_Security
Extensions[edit]
Other RFCs subsequently extended TLS.
Extensions to TLS 1.0 include:
- RFC 2595: "Using TLS with IMAP, POP3 and ACAP". Specifies an extension to the IMAP, POP3 and ACAP services that allow the server and client to use transport-layer security to provide private, authenticated communication over the Internet.
- RFC 2712: "Addition ofKerberos Cipher Suites to Transport Layer Security (TLS)". The 40-bit cipher suites defined in this memo appear only for the purpose of documenting the fact that those cipher suite codes have already been assigned.
- RFC 2817: "Upgrading to TLS Within HTTP/1.1", explains how to use theUpgrade mechanism in HTTP/1.1 to initiate Transport Layer Security (TLS) over an existing TCP connection. This allows unsecured and secured HTTP traffic to share the samewell known port (in this case, http: at 80 rather than https: at 443).
- RFC 2818: "HTTP Over TLS", distinguishes secured traffic from insecure traffic by the use of a different 'server port'.
- RFC 3207: "SMTP Service Extension for Secure SMTP over Transport Layer Security". Specifies an extension to the SMTP service that allows an SMTP server and client to use transport-layer security to provide private, authenticated communication over the Internet.
- RFC 3268: "AES Ciphersuites for TLS". AddsAdvanced Encryption Standard (AES) cipher suites to the previously existing symmetric ciphers.
- RFC 3546: "Transport Layer Security (TLS) Extensions", adds a mechanism for negotiating protocol extensions during session initialisation and defines some extensions. Made obsolete by RFC 4366.
- RFC 3749: "Transport Layer Security Protocol Compression Methods", specifies the framework for compression methods and theDEFLATE compression method.
- RFC 3943: "Transport Layer Security (TLS) Protocol Compression Using Lempel-Ziv-Stac (LZS)".
- RFC 4132: "Addition ofCamellia Cipher Suites to Transport Layer Security (TLS)".
- RFC 4162: "Addition ofSEED Cipher Suites to Transport Layer Security (TLS)".
- RFC 4217: "SecuringFTP with TLS".
- RFC 4279: "Pre-Shared Key Ciphersuites for Transport Layer Security (TLS)", adds three sets of new cipher suites for the TLS protocol to support authentication based on pre-shared keys.
Extensions to TLS 1.1 include:
- RFC 4347: "Datagram Transport Layer Security" specifies a TLS variant that works over datagram protocols (such as UDP).
- RFC 4366: "Transport Layer Security (TLS) Extensions" describes both a set of specific extensions and a generic extension mechanism.
- RFC 4492: "Elliptic Curve Cryptography (ECC) Cipher Suites for Transport Layer Security (TLS)".
- RFC 4680: "TLS Handshake Message for Supplemental Data".
- RFC 4681: "TLS User Mapping Extension".
- RFC 4785: "Pre-Shared Key (PSK) Ciphersuites with NULL Encryption for Transport Layer Security (TLS)".
- RFC 5054: "Using theSecure Remote Password (SRP) Protocol for TLS Authentication". Defines the TLS-SRP ciphersuites.
- RFC 5077: "Transport Layer Security (TLS) Session Resumption without Server-Side State".
- RFC 5081: "UsingOpenPGP Keys for Transport Layer Security (TLS) Authentication", obsoleted byRFC 6091.
Extensions to TLS 1.2 include:
- RFC 5288: "AES Galois Counter Mode (GCM) Cipher Suites for TLS".
- RFC 5289: "TLS Elliptic Curve Cipher Suites with SHA-256/384 and AES Galois Counter Mode (GCM)".
- RFC 5746: "Transport Layer Security (TLS) Renegotiation Indication Extension".
- RFC 5878: "Transport Layer Security (TLS) Authorization Extensions".
- RFC 5932: "Camellia Cipher Suites for TLS"
- RFC 6066: "Transport Layer Security (TLS) Extensions: Extension Definitions", includesServer Name Indication and OCSP stapling.
- RFC 6091: "UsingOpenPGP Keys for Transport Layer Security (TLS) Authentication".
- RFC 6176: "Prohibiting Secure Sockets Layer (SSL) Version 2.0".
- RFC 6209: "Addition of theARIA Cipher Suites to Transport Layer Security (TLS)".
- RFC 6347: "Datagram Transport Layer Security Version 1.2".
- RFC 6367: "Addition of the Camellia Cipher Suites to Transport Layer Security (TLS)".
- RFC 6460: "Suite B Profile for Transport Layer Security (TLS)".
- RFC 6655: "AES-CCM Cipher Suites for Transport Layer Security (TLS)".
- RFC 7027: "Elliptic Curve Cryptography (ECC) Brainpool Curves for Transport Layer Security (TLS)".
- RFC 7251: "AES-CCM Elliptic Curve Cryptography (ECC) Cipher Suites for TLS".
- RFC 7301: "Transport Layer Security (TLS)Application-Layer Protocol Negotiation Extension".
- RFC 7366: "Encrypt-then-MAC for Transport Layer Security (TLS) and Datagram Transport Layer Security (DTLS)".
- RFC 7465: "Prohibiting RC4 Cipher Suites".
Encapsulations of TLS include:
- RFC 5216: "TheEAP-TLS Authentication Protocol"
§Informational RFCs[edit]
- RFC 7457: "Summarizing Known Attacks on Transport Layer Security (TLS) and Datagram TLS (DTLS)"
RFC标准查询界面:http://www.rfc-editor.org/search/rfc_search_detail.php?title=Pre-Shared+Key&pubstatus%5B%5D=Any&pub_date_type=any
TLS标准制定情况:http://datatracker.ietf.org/wg/tls/documents/
Q:RFC的标准里是否有写明对应一个版本的TLS有哪些具体的扩展? 如pre-shared TLS就没有在上述维基百科给出的TLS1.2的扩展中写明,请问TLS1.2包括这个扩展么?关心这个问题的原因是,renegotiation在TLS1.3的标准制定中有可能取消,因而想确知扩展对应的版本情况。
RFC5246 http://tools.ietf.org/html/rfc5246#section-8.1
0 0
- TLS及其扩展标准的编号整理
- SSL/TLS的Heartbeat 扩展
- OAF标准模块个性化扩展开发及其个性化的删除
- 标准的代号和编号
- 浅谈 标准的代号和编号
- IDENTITY列及其编号的问题
- GCDAsyncSOcket使用及其SSL/TLS双向认证的实现
- ECMAScript6标准数组的扩展
- 标准的好处及其他
- 对比 未用指针的标准程序+幸运的编号
- 链表环的检测及其扩展
- 微软的RSS扩展--SSE标准解读
- 如何扩展VB标准控件的功能
- 扩展你的WIndows标准控件
- 基于可扩展平台的标准软件
- 基于可扩展平台的标准软件
- 标准文件对话框的扩展使用方法
- MySQL对标准SQL的注释扩展
- CreateThread, AfxBeginThread,_beginthreadx的区别
- C编译
- 排序算法--插入排序(直接插入排序、折半插入、shell排序)的java实现
- 基础练习 特殊的数字
- MAC中修改hosts的方法
- TLS及其扩展标准的编号整理
- 关于在程序中添加requestWindowFeature(Window.FEATURE_NO_TITLE);引起问题的说明
- onSaveInstanceState和onRestoreInstanceState的用处
- StringBuffer转化为String类型,和数组类型?
- scrapy入门
- 解决java.util.concurrent.ExecutionException: org.apache.catalina.LifecycleException
- 微信公众账号开发接口实现 - java servlet
- openfire插件最佳实践(三) 用户加入指定群组功能
- SAP 用户权限解剖