Differences
This shows you the differences between the selected revisions of the page.
| tls 2018-09-28 | tls 2024-02-15 (current) | ||
| Line 1: | Line 1: | ||
| - | ====== Transport Layer | + | ====== Transport Layer Security ====== |
| Transport Layer Security (%%TLS%%) and its predecessor, Secure Sockets Layer (%%SSL%%), are cryptographic protocols designed to provide communication security over the Internet. They use X.509 certificates and hence asymmetric cryptography to authenticate the counterparty with whom they are communicating, and to exchange a symmetric key. This session key is then used to encrypt data flowing between the parties. ((&wikipedia_ref(Transport_Layer_Security|Transport Layer Security))) | Transport Layer Security (%%TLS%%) and its predecessor, Secure Sockets Layer (%%SSL%%), are cryptographic protocols designed to provide communication security over the Internet. They use X.509 certificates and hence asymmetric cryptography to authenticate the counterparty with whom they are communicating, and to exchange a symmetric key. This session key is then used to encrypt data flowing between the parties. ((&wikipedia_ref(Transport_Layer_Security|Transport Layer Security))) | ||
| Line 16: | Line 16: | ||
| Supported client certificate file formats are: | Supported client certificate file formats are: | ||
| - | * Personal Information Exchange - PCKS #12 (''.pfx'' or ''.p12''); | + | * Personal Information Exchange -- PCKS #12 (''.pfx'' or ''.p12''); |
| * Base64 encoded PEM X.509 (''.pem'' or ''.key''), either: | * Base64 encoded PEM X.509 (''.pem'' or ''.key''), either: | ||
| * containing both private key and the certificate; | * containing both private key and the certificate; | ||
| Line 22: | Line 22: | ||
| ===== Supported Cryptographic Protocols and Cipher Suites ===== | ===== Supported Cryptographic Protocols and Cipher Suites ===== | ||
| - | WinSCP supports %%TLS%% 1.0·-·1.2 and %%SSL%% 3.0. | + | WinSCP supports %%TLS%% 1.0--1.3. The %%TLS%% 1.0 and 1.1 are disabled by default, to protect you from their known serious vulnerabilities. Obsolete %%SSL%% of any version is not supported. |
| See list of [[tls_ciphersuites|supported cipher suites]]. | See list of [[tls_ciphersuites|supported cipher suites]]. | ||