Thaum pib ntawm lub xyoo, hauv tsab ntawv ceeb toom txog teeb meem hauv Internet thiab kev siv tau rau 2018-2019
IETF TLS Cov Rooj Sib Tham Ua Haujlwm
"Hauv luv luv, TLS 1.3 yuav tsum muab lub hauv paus rau kev nyab xeeb dua thiab siv Internet rau 20 xyoo tom ntej."
Kev loj hlob
Raws li Eric Rescorla (Firefox CTO thiab tus kws sau ntawv ntawm TLS 1.3)
Nws tau hais tias "Qhov no yog qhov hloov pauv tag nrho rau TLS 1.2, siv tib cov yuam sij thiab daim ntawv pov thawj, yog li tus neeg siv khoom thiab cov neeg siv khoom tuaj yeem sib txuas lus ntawm TLS 1.3 yog tias lawv ob leeg txhawb nqa," nws hais. "Tseem muaj kev txhawb nqa zoo nyob rau qib tsev qiv ntawv, thiab Chrome thiab Firefox pab TLS 1.3 los ntawm lub neej ntawd."
Nyob rau tib lub sijhawm, TLS tau xaus rau hauv pawg neeg ua haujlwm IETF
Daim ntawv teev cov kev siv TLS 1.3 tam sim no muaj nyob rau ntawm Github rau txhua tus uas tab tom nrhiav rau lub tsev qiv ntawv uas tsim nyog tshaj plaws:
Dab tsi tau hloov txij li TLS 1.2?
Ntawm qhov
"TLS 1.3 ua rau lub ntiaj teb zoo dua li cas?
TLS 1.3 suav nrog qee qhov txiaj ntsig zoo-xws li kev sib koom tes yooj yim los tsim kom muaj kev sib txuas ruaj ntseg-thiab tseem tso cai rau cov neeg siv khoom rov pib dua sai dua nrog cov servers. Cov kev ntsuas no yog npaj los txo qis kev sib txuas teeb tsa latency thiab kev sib txuas tsis ua haujlwm ntawm cov kev sib txuas tsis muaj zog, uas feem ntau yog siv los ua kev ncaj ncees rau kev muab kev sib txuas HTTP nkaus xwb uas tsis tau encrypted.
Ib yam li qhov tseem ceeb, nws tshem tawm kev txhawb nqa rau ntau qhov qub txeeg qub teg thiab tsis muaj kev ruaj ntseg encryption thiab hashing algorithms uas tseem tso cai (tab sis tsis pom zoo) rau siv nrog cov versions dhau los ntawm TLS, suav nrog SHA-1, MD5, DES, 3DES, thiab AES-CBC. ntxiv kev txhawb nqa rau cov tshiab cipher suites. Lwm yam kev txhim kho muaj xws li ntau encrypted ntsiab ntawm kev sib tuav tes (piv txwv li, kev sib pauv ntawm daim ntawv pov thawj cov ntaub ntawv tam sim no encrypted) kom txo tau tus nqi ntawm cov lus qhia rau ib tug muaj peev xwm khiav tsheb eavesdropper, nrog rau kev txhim kho rau xa mus rau secrecy thaum siv tej yam kev pauv tseem ceeb hom kom kev sib txuas lus. Txhua lub sijhawm yuav tsum nyob ruaj ntseg txawm tias cov algorithms siv los encrypt nws raug cuam tshuam rau yav tom ntej. "
Kev tsim kho cov txheej txheem niaj hnub thiab DDoS
Raws li koj tau nyeem lawm, thaum lub sij hawm tsim kho raws tu qauv
Cov laj thawj vim li cas qhov no yuav tsum tau teev tseg hauv cov ntaub ntawv,
Thaum peb yeej tsis tau npaj los xav txog cov kev cai tswjfwm, peb daim ntawv thov tsim nyog DDoS cov khoom txo qis (nrog rau kev daws teeb meem
Tsis tas li ntawd, txij li kev siv, tsis muaj teeb meem cuam tshuam txog kev thauj mus los encryption tau raug txheeb xyuas. Nws yog official: TLS 1.3 yog npaj rau ntau lawm.
Txawm li cas los xij, tseem muaj teeb meem cuam tshuam nrog kev txhim kho cov txheej txheem txuas ntxiv mus. Qhov teeb meem yog tias cov txheej txheem kev nce qib hauv IETF feem ntau yog nyob ntawm kev tshawb fawb kev kawm, thiab lub xeev ntawm kev tshawb fawb kev kawm hauv thaj tsam ntawm kev txo qis kev tsis lees paub ntawm kev pabcuam kev tawm tsam yog qhov tsis txaus ntseeg.
Yog li, piv txwv zoo yuav yog
Qhov kawg yog, qhov tseeb, tsis tshua muaj nyob rau hauv qhov chaw ua lag luam tiag tiag (thiab tsuas yog siv tau rau ISPs), thiab nyob rau hauv txhua rooj plaub tsis zoo li yuav yog "cov ntaub ntawv dav dav" hauv ntiaj teb tiag tiag - tab sis tshwm sim tas li hauv cov ntawv tshaj tawm tshawb fawb, feem ntau tsis txhawb nqa. los ntawm kev sim tag nrho cov spectrum ntawm qhov muaj peev xwm DDoS tawm tsam, suav nrog kev siv qib kev tawm tsam. Qhov kawg, vim tsawg kawg yog qhov kev xa tawm thoob ntiaj teb ntawm TLS, pom tseeb tsis tuaj yeem kuaj pom los ntawm kev ntsuas tsis zoo ntawm cov pob ntawv network thiab ntws.
Ib yam li ntawd, peb tseem tsis tau paub yuav ua li cas DDoS txo cov neeg muag khoom kho vajtse yuav hloov mus rau qhov tseeb ntawm TLS 1.3. Vim muaj kev nyuaj ntawm kev txhawb nqa cov txheej txheem tawm ntawm pawg, kev txhim kho yuav siv sij hawm qee lub sijhawm.
Teem lub hom phiaj zoo los qhia kev tshawb fawb yog qhov nyuaj rau DDoS cov chaw muab kev pab cuam txo qis. Ib cheeb tsam uas kev loj hlob tuaj yeem pib yog
Tau qhov twg los: www.hab.com