Low prices! Originals & Translations! Save your budget and time!
ONLINENORMS: Online Standards Store
Click View Shopping Cart
  1. Home
  2. IETF
  3. IETF RFC 7627 PDF

IETF RFC 7627 PDF

IETF RFC 7627 PDF

Name:
IETF RFC 7627 PDF

Published Date:
09/01/2015

Status:
[ Active ]

Description:

Transport Layer Security (TLS) Session Hash and Extended Master Secret Extension

Publisher:
Internet Engineering Task Force

Document status:
Active
Format:
Electronic (PDF)
Delivery time:
10 minutes
Delivery time (for Russian version):
200 business days
SKU:
Choose Document Language:
$10.2
Need Help?

The Transport Layer Security (TLS) master secret is not cryptographically bound to important session parameters such as the server certificate. Consequently, it is possible for an active attacker to set up two sessions, one with a client and another with a server, such that the master secrets on the two sessions are the same. Thereafter, any mechanism that relies on the master secret for authentication, including session resumption, becomes vulnerable to a man-in-the-middle attack, where the attacker can simply forward messages back and forth between the client and server. This specification defines a TLS extension that contextually binds the master secret to a log of the full handshake that computes it, thus preventing such attacks.


Edition : 15
File Size : 1 file , 24 KB
Number of Pages : 15
Published : 09/01/2015

History

Related products

IETF RFC 6397
IETF RFC 6397
Published Date: 10/01/2011
Multi-Threaded Routing Toolkit (MRT) Border Gateway Protocol (BGP) Routing Information Export Format with Geo-Location Extensions
$9.6
IETF RFC 3395
IETF RFC 3395
Published Date: 09/01/2002
Remote Network Monitoring MIB Protocol Identifier Reference Extensions
$11.1

Best-Selling Products

Chemistry for Engineers & Scientists
Chemistry for Engineers & Scientists
Published Date: 01/01/1990
$7.5
Critical Thinking & Writing for Science & Technology
Critical Thinking & Writing for Science & Technology
Published Date: 09/01/1989
$12.9