A farkon shekara, a cikin rahoto kan matsalolin Intanet da samun dama ga 2018-2019
IETF TLS Kujerun Ƙungiya Masu Aiki
"A takaice, TLS 1.3 yakamata ya samar da tushe don ingantaccen Intanet mai aminci da inganci na shekaru 20 masu zuwa."
Ƙaddamarwa
A cewar Eric Rescorla (Firefox CTO kuma marubucin TLS 1.3 kaɗai)
"Wannan shi ne cikakken maye gurbin TLS 1.2, ta amfani da maɓalli iri ɗaya da takaddun shaida, don haka abokin ciniki da uwar garken na iya sadarwa ta atomatik akan TLS 1.3 idan dukansu sun goyi bayansa," in ji shi. "An riga an sami kyakkyawan tallafi a matakin ɗakin karatu, kuma Chrome da Firefox suna ba da damar TLS 1.3 ta tsohuwa."
A layi daya, TLS yana ƙarewa a cikin ƙungiyar aiki na IETF
Jerin aiwatar da TLS 1.3 na yanzu yana samuwa akan Github ga duk wanda ke neman ɗakin karatu mafi dacewa:
Menene ya canza tun TLS 1.2?
Daga
"Ta yaya TLS 1.3 ke sa duniya ta zama wuri mafi kyau?
TLS 1.3 ya haɗa da wasu fa'idodin fasaha-kamar sauƙaƙe tsarin musafaha don kafa amintaccen haɗi-kuma yana ba abokan ciniki damar ci gaba da zama cikin sauri tare da sabobin. Waɗannan matakan an yi niyya ne don rage jinkirin saitin haɗin kai da gazawar haɗin kan mahaɗa masu rauni, waɗanda galibi ana amfani da su azaman hujja don samar da haɗin HTTP marasa rufaffen kawai.
Kamar yadda yake da mahimmanci, yana cire tallafi don gado da yawa da ɓoyayyen ɓoyewa da hashing algorithms waɗanda har yanzu ana ba da izini (ko da yake ba a ba da shawarar ba) don amfani da sigar farko na TLS, gami da SHA-1, MD5, DES, 3DES, da AES-CBC. ƙara goyan baya don sababbin suites. Sauran haɓakawa sun haɗa da ƙarin ɓoyayyen ɓoyayyen abubuwan musafaha (misali, musayar bayanan takardar shaidar yanzu an rufaffen rufaffen) don rage adadin alamu zuwa mai yuwuwar sauraron sauraren zirga-zirga, da kuma haɓaka sirrin sirri lokacin amfani da wasu hanyoyin musayar maɓalli ta yadda sadarwa a kowane lokaci dole ne ya kasance amintacce ko da algorithms da aka yi amfani da su don ɓoye shi sun lalace a nan gaba."
Haɓaka ka'idoji na zamani da DDoS
Kamar yadda ƙila kuka riga kuka karanta, yayin haɓaka ƙa'idar
Dalilan da ya sa ake buƙatar hakan an bayyana su a cikin takaddar,
Duk da yake ba mu shirya yin hasashe kan buƙatun ƙa'ida ba, kayan aikin rage kayan aikin mu na DDoS (gami da mafita).
Har ila yau, tun lokacin aiwatarwa, ba a gano matsalolin da suka shafi boye-boye na sufuri ba. Yana da hukuma: TLS 1.3 yana shirye don samarwa.
Koyaya, har yanzu akwai matsala mai alaƙa da haɓaka ƙa'idodin ƙa'idodi na gaba. Matsalar ita ce ci gaban yarjejeniya a cikin IETF yawanci ya dogara ne akan binciken ilimi, kuma yanayin binciken ilimi a fagen rage rarrabar hare-haren kin sabis ba shi da kyau.
Don haka, misali mai kyau zai kasance
Na karshen shine, a zahiri, ba kasafai ba ne a cikin mahalli na kasuwanci na gaske (kuma wani bangare ne kawai na ISPs), kuma a kowace harka ba zai yuwu ya zama “babban shari’ar” a duniyar gaske - amma yana bayyana koyaushe a cikin wallafe-wallafen kimiyya, yawanci ba a tallafawa. ta gwada dukkan nau'ikan hare-haren DDoS, gami da harin matakin aikace-aikace. Na ƙarshe, saboda aƙalla jigilar TLS na duniya, a fili ba za a iya gano shi ta hanyar auna fakitin cibiyar sadarwa da gudana ba.
Hakanan, har yanzu ba mu san yadda masu siyar da kayan aikin rage DDoS za su dace da gaskiyar TLS 1.3 ba. Saboda rikitaccen fasaha na goyan bayan ƙa'idar da ta fita, haɓakawa na iya ɗaukar ɗan lokaci.
Ƙirƙirar maƙasudai masu dacewa don jagorantar bincike babban ƙalubale ne ga masu ba da sabis na ragewa DDoS. Wani yanki da za a iya fara ci gaba shine
source: www.habr.com