Kumayambiriro kwa chaka, mu lipoti lazovuta za intaneti ndi kupezeka kwa 2018-2019
IETF TLS Working Group Chairs
"Mwachidule, TLS 1.3 iyenera kupereka maziko a intaneti yotetezeka komanso yothandiza kwambiri pazaka 20 zikubwerazi."
Development
Malinga ndi Eric Rescorla (Firefox CTO ndi wolemba yekha wa TLS 1.3)
"Uku ndikulowa m'malo mwa TLS 1.2, pogwiritsa ntchito makiyi ndi ziphaso zofanana, kotero kasitomala ndi seva amatha kulankhulana pa TLS 1.3 ngati onse akugwirizana nazo," adatero. "Pali kale chithandizo chabwino pa library, ndipo Chrome ndi Firefox zimathandizira TLS 1.3 mwachisawawa."
Mofananamo, TLS ikutha mu gulu la IETF
Mndandanda wazomwe zakhazikitsidwa za TLS 1.3 zilipo pa Github kwa aliyense amene akufuna laibulale yoyenera kwambiri:
Zomwe zasintha kuyambira TLS 1.2?
Kuchokera
"Kodi TLS 1.3 imapangitsa bwanji dziko kukhala malo abwinoko?
TLS 1.3 imaphatikizanso zabwino zina zaukadaulo - monga kugwirana chanza kosavuta kukhazikitsa kulumikizana kotetezeka - komanso imalola makasitomala kuyambiranso mwachangu magawo ndi maseva. Njirazi zimapangidwira kuchepetsa kukhazikika kwa kulumikizidwa ndi kulephera kwa kulumikizana pa maulalo ofooka, omwe nthawi zambiri amagwiritsidwa ntchito ngati zifukwa zoperekera maulumikizidwe osadziwika a HTTP.
Chofunika kwambiri, chimachotsa kuthandizira kwa zolowa zingapo komanso kubisa kotetezedwa ndi ma hashing algorithms omwe amaloledwabe (ngakhale osavomerezeka) kuti agwiritsidwe ntchito ndi mitundu yakale ya TLS, kuphatikiza SHA-1, MD5, DES, 3DES, ndi AES-CBC. kuwonjezera chithandizo cha ma cipher suites atsopano. Kuwongolera kwina kumaphatikizapo zinthu zambiri zobisika za kugwirana chanza (mwachitsanzo, kusinthana kwa chidziwitso cha chiphaso tsopano chabisidwa) kuti muchepetse kuchuluka kwa chidziwitso kwa munthu yemwe angamvepo za magalimoto, komanso kupititsa patsogolo chinsinsi mukamagwiritsa ntchito njira zina zosinthira kuti kulumikizana. nthawi zonse ayenera kukhala otetezeka ngakhale ma algorithms omwe amagwiritsidwa ntchito kubisa angasokonezedwe mtsogolo. β
Kupanga ma protocol amakono ndi DDoS
Monga momwe mwawerengera kale, panthawi ya chitukuko cha protocol
Zifukwa zomwe zingafunikire izi zafotokozedwa mu chikalatacho,
Ngakhale sitinakonzekere kufotokozera zofunikira pakuwongolera, pulogalamu yathu yochepetsera ya DDoS (kuphatikiza yankho
Komanso, kuyambira kukhazikitsidwa, palibe mavuto okhudzana ndi kubisa kwamayendedwe omwe adadziwika. Ndizovomerezeka: TLS 1.3 yakonzeka kupanga.
Komabe, pali vuto lomwe limakhudzana ndi kukhazikitsidwa kwa ma protocol am'badwo wotsatira. Vuto ndilakuti kupita patsogolo kwa protocol mu IETF nthawi zambiri kumadalira kwambiri kafukufuku wamaphunziro, ndipo momwe kafukufuku wamaphunziro amathandizira pakuchepetsa kukana ntchito kwa anthu ndi woipa.
Kotero, chitsanzo chabwino chingakhale
Zotsirizirazi ndizosowa kwambiri m'mabizinesi enieni (ndipo zimagwira ntchito pang'ono ku ISPs), ndipo mulimonsemo sizingakhale "zochitika zonse" mdziko lenileni - koma zimawonekera pafupipafupi m'mabuku asayansi, nthawi zambiri sizimathandizidwa. poyesa kuchuluka konsekonse komwe kungathe kuchitika pa DDoS, kuphatikiza kuukira kwa ma application level. Chotsatiracho, chifukwa cha kutumizidwa kwapadziko lonse kwa TLS, mwachiwonekere sikungadziwike ndi kuyeza kwapaketi ndi mayendedwe a netiweki.
Momwemonso, sitikudziwa momwe ogulitsa ma hardware a DDoS angagwirizane ndi zenizeni za TLS 1.3. Chifukwa cha zovuta zaukadaulo zothandizira pulogalamu yakunja kwa gulu, kukweza kungatenge nthawi.
Kukhazikitsa zolinga zoyenera kutsogolera kafukufuku ndizovuta kwambiri kwa opereka chithandizo chochepetsera DDoS. Mbali imodzi yomwe chitukuko chingayambire ndi
Source: www.habr.com