Differences
This shows you the differences between the selected revisions of the page.
| 2020-12-02 | 2020-12-02 | ||
| typo (martin) | mention tls 1.3 (martin) | ||
| Line 14: | Line 14: | ||
| The %%SSL%% is disabled by default to protect you from its known serious vulnerabilities. Enable is only, if the server does not support %%TLS%%. You may want to restrict minimum %%TLS%% version further, in order to prevent WinSCP from using versions of %%TLS%% protocol that suffer from known vulnerabilities (currently %%TLS%% 1.0). | The %%SSL%% is disabled by default to protect you from its known serious vulnerabilities. Enable is only, if the server does not support %%TLS%%. You may want to restrict minimum %%TLS%% version further, in order to prevent WinSCP from using versions of %%TLS%% protocol that suffer from known vulnerabilities (currently %%TLS%% 1.0). | ||
| - | You may want to restrict maximum %%TLS/SSL%% version, when there is an interoperability problem with your server. Particularly %%TLS%% 1.1 and %%TLS%% 1.2 are new and some servers do not implement them correctly. | + | You may want to restrict maximum %%TLS/SSL%% version, when there is an interoperability problem with your server. Particularly %%TLS%% 1.2 and %%TLS%% 1.3 are new and some servers do not implement them correctly. |
| Uncheck //Reuse %%TLS/SSL%% session ID for data connections//, when there is an interoperability problem with your FTPS server when reusing the %%TLS/SSL%% session ID. The option is available for FTP protocol only. | Uncheck //Reuse %%TLS/SSL%% session ID for data connections//, when there is an interoperability problem with your FTPS server when reusing the %%TLS/SSL%% session ID. The option is available for FTP protocol only. | ||