Iyo Internet Injiniya Task Force (IETF), iyo inovandudza Internet protocol uye zvivakwa, yakaburitsa RFC 8996, ichibvisa zviri pamutemo TLS 1.0 uye 1.1.
Iyo TLS 1.0 yakatarwa yakaburitswa muna Ndira 1999. Makore manomwe gare gare, iyo TLS 1.1 yekuvandudza yakaburitswa nekuvandudzwa kwekuchengetedza zvine chekuita nechizvarwa chekutanga mavheji uye padding. Maererano neSSL Pulse sevhisi, kubva muna Ndira 16, iyo TLS 1.2 protocol inotsigirwa ne95.2% yemawebhusaiti inobvumira kugadzwa kwekubatana kwakachengeteka, uye TLS 1.3 - ne14.2%. TLS 1.1 yekubatanidza inotambirwa ne77.4% yemasaiti eHTTPS, nepo TLS 1.0 yakabatana inogamuchirwa ne68%. Inenge 21% yemasaiti zviuru zana ekutanga anoratidzwa mu Alexa ranking haasati ashandisa HTTPS.
Matambudziko makuru eTLS 1.0/1.1 kushaikwa kwerutsigiro rwemaciphers emazuva ano (semuenzaniso, ECDHE neAEAD) uye kuvapo mukutsanangurwa kwechinodikanwa chekutsigira ciphers ekare, kuvimbika kwacho kunobvunzwa panguva ino yebudiriro. yetekinoroji yekombuta (somuenzaniso, rutsigiro rweTLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA runodiwa pakuongorora kutendeseka nekusimbisa MD5 neSHA-1 zvinoshandiswa). Tsigiro yealgorithms echinyakare yakatotungamira mukurwiswa seROBOT, DROWN, BEAST, Logjam uye FREAK. Nekudaro, matambudziko aya haana kutariswa zvakananga kukanganiswa kweprotocol uye akagadziriswa pamwero wekuita kwayo. Iyo TLS 1.0 / 1.1 maprotocol pachawo anoshaya hutete hwakanyanya hunogona kushandiswa kuita kurwisa kunoshanda.
Source: opennet.ru