{"draft":"draft-ietf-tls-renegotiation-03","doc_id":"RFC5746","title":"Transport Layer Security (TLS) Renegotiation Indication Extension","authors":["E. Rescorla","M. Ray","S. Dispensa","N. Oskov"],"format":["ASCII","HTML"],"page_count":"15","pub_status":"PROPOSED STANDARD","status":"PROPOSED STANDARD","source":"Transport Layer Security","abstract":"Secure Socket Layer (SSL) and Transport Layer Security (TLS)\r\nrenegotiation are vulnerable to an attack in which the attacker forms\r\na TLS connection with the target server, injects content of his\r\nchoice, and then splices in a new TLS connection from a client.  The\r\nserver treats the client's initial TLS handshake as a renegotiation\r\nand thus believes that the initial data transmitted by the attacker is\r\nfrom the same entity as the subsequent client data.  This\r\nspecification defines a TLS extension to cryptographically tie\r\nrenegotiations to the TLS connections they are being performed over,\r\nthus preventing this attack.  [STANDARDS-TRACK]","pub_date":"February 2010","keywords":["[--------]","ssl","secure socket layer"],"obsoletes":[],"obsoleted_by":[],"updates":["RFC5246","RFC4366","RFC4347","RFC4346","RFC2246"],"updated_by":[],"see_also":[],"doi":"10.17487\/RFC5746","errata_url":null}