Differences
This shows you the differences between the selected revisions of the page.
| 2014-10-24 | 2015-02-18 | ||
| ssl 2.0 removed in beta (martin) | releasing 5.7 stable, removing &beta tags (or replacing with &recent) (martin) | ||
| Line 12: | Line 12: | ||
| Using //Minimum// and //Maximum TLS/SSL version// selections, you can configure what versions of TLS/SSL is WinSCP allowed to use. | Using //Minimum// and //Maximum TLS/SSL version// selections, you can configure what versions of TLS/SSL is WinSCP allowed to use. | ||
| - | SSL (2.0 and 3.0) (* 2.0 removed in &beta *) is disabled by default to protect you from their known serious vulnerabilities. Enable them only, if the server does not support TLS. You may want to restrict minimum TLS version further, in order to prevent WinSCP from using versions of TLS protocol that suffer form known vulnerabilities (currently TLS 1.0). | + | SSL is disabled by default to protect you from its known serious vulnerabilities. Enable is only, if the server does not support TLS. You may want to restrict minimum TLS version further, in order to prevent WinSCP from using versions of TLS protocol that suffer form known vulnerabilities (currently TLS 1.0). |
| You may want to restrict maximum TLS/SSL version, when there is an interoperability problem with your FTPS/WebDAVS server. Particularly TLS 1.1 and TLS 1.2 are new and some servers do not implement them correctly. | You may want to restrict maximum TLS/SSL version, when there is an interoperability problem with your FTPS/WebDAVS server. Particularly TLS 1.1 and TLS 1.2 are new and some servers do not implement them correctly. | ||