GitHub yaganiza zosiya kuthandizira TLS 1.0 ndi 1.1 munkhokwe ya phukusi la NPM ndi masamba onse okhudzana ndi woyang'anira phukusi la NPM, kuphatikiza npmjs.com. Kuyambira pa Okutobala 4, kulumikiza kunkhokwe, kuphatikiza kuyika mapaketi, kudzafunika kasitomala yemwe amathandizira osachepera TLS 1.2. Pa GitHub palokha, kuthandizira kwa TLS 1.0/1.1 kudayimitsidwa mu February 2018. Cholinga chake akuti ndikukhudzidwa ndi chitetezo cha mautumiki ake komanso chinsinsi cha deta ya ogwiritsa ntchito. Malinga ndi GitHub, pafupifupi 99% ya zopempha ku NPM repository zapangidwa kale pogwiritsa ntchito TLS 1.2 kapena 1.3, ndipo Node.js yaphatikizirapo chithandizo cha TLS 1.2 kuyambira 2013 (kuyambira kumasulidwa 0.10), kotero kusinthaku kudzangokhudza gawo laling'ono la ogwiritsa.
Tikumbukire kuti ma protocol a TLS 1.0 ndi 1.1 adasankhidwa kukhala matekinoloje achikale ndi IETF (Internet Engineering Task Force). Mafotokozedwe a TLS 1.0 adasindikizidwa mu Januware 1999. Zaka zisanu ndi ziwiri pambuyo pake, zosintha za TLS 1.1 zidatulutsidwa ndikusintha kwachitetezo kokhudzana ndi m'badwo wa ma vector oyambitsa ndi padding. Zina mwazovuta zazikulu za TLS 1.0 / 1.1 ndi kusowa kwa chithandizo cha ma ciphers amakono (mwachitsanzo, ECDHE ndi AEAD) komanso kupezeka mwachidziwitso chofunikira chothandizira zilembo zakale, kudalirika kwake komwe kumafunsidwa pakali pano. chitukuko cha umisiri wamakompyuta (mwachitsanzo, kuthandizira kwa TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA kumafunika kuti muwone ngati MD5 ndi SHA-1 ndizowona). Kuthandizira ma algorithms akale kwadzetsa kale kuukira monga ROBOT, DROWN, BEAST, Logjam ndi FREAK. Komabe, mavutowa sanali kuonedwa mwachindunji chiwopsezo protocol ndipo anathetsedwa pa mlingo wa kukhazikitsa kwake. Ma protocol a TLS 1.0/1.1 pawokha alibe zovuta zomwe zingagwiritsidwe ntchito pochita ziwonetsero.
Source: opennet.ru