Revisi per 31 Mei 2020 03.35 sunting PinkDash (bicara \| kontrib) Pengecualian blokir IP, Peninjau 14.640 suntingan Masih banyak dan saya sudah capek Tag: VisualEditor ← Revisi sebelumnya		Revisi per 4 Juni 2020 06.10 sunting balikkan PinkDash (bicara \| kontrib) Pengecualian blokir IP, Peninjau 14.640 suntingan →Aplikasi dan penerapan Tag: VisualEditor Revisi selanjutnya →
Baris 132: Sertifikat kunci publik yang digunakan selama pertukaran / perjanjian juga bervariasi dalam ukuran kunci enkripsi publik / swasta yang digunakan selama pertukaran dan karenanya ketahanan keamanan yang diberikan. Pada Juli 2013, [[Google]] mengumumkan bahwa mereka tidak akan lagi menggunakan kunci publik 1024-bit dan akan beralih ke kunci 2048-bit untuk meningkatkan keamanan enkripsi TLS yang diberikannya kepada penggunanya karena kekuatan enkripsi terkait langsung dengan ukuran kunci.<ref>{{Cite web\|url=https://www.computing.co.uk/news/2285984/google-updates-ssl-certificates-to-2048bit-encryption\|title=Google updates SSL certificates to 2048-bit encryption\|date=2013-07-31\|website=www.computing.co.uk\|language=en\|access-date=2020-05-30}}</ref> {{anchor\|keyexchange-table}} {\| class="wikitable" style="text-align:center" \|+Pertukaran kunci / perjanjian dan otentikasi !Algorithm !SSL 2.0 !SSL 3.0 !TLS 1.0 !TLS 1.1 !TLS 1.2 !TLS 1.3 !Status \|-! {{Depends\|[[RSA (cryptosystem)\|RSA]]}}\| {{Yes}} \|\| {{Yes}} \|\| {{Yes}} \|\| {{Yes}} \|\| {{Yes}} \|\| {{N/A\|No}} \| rowspan="19" \|Defined for TLS 1.2 in RFCs \|-!{{Depends\|[[Diffie–Hellman key exchange\|DH]]-[[RSA (cryptosystem)\|RSA]]}}\| {{No}} \|\| {{Yes}} \|\| {{Yes}} \|\| {{Yes}} \|\| {{Yes}} \|\| {{N/A\|No}} \|-!{{Good\|[[Diffie–Hellman key exchange\|DHE]]-[[RSA (cryptosystem)\|RSA]] ([[#Forward secrecy\|forward secrecy]])}}\| {{No}} \|\| {{Yes}} \|\| {{Yes}} \|\| {{Yes}} \|\| {{Yes}} \|\| {{Yes}} \|-!{{Depends\|[[Elliptic-curve Diffie–Hellman\|ECDH]]-[[RSA (cryptosystem)\|RSA]]}}\| {{No}} \|\| {{No}} \|\| {{Yes}} \|\| {{Yes}} \|\| {{Yes}} \|\| {{N/A\|No}} \|-!{{Good\|[[Elliptic-curve Diffie–Hellman\|ECDHE]]-[[RSA (cryptosystem)\|RSA]] ([[#Forward secrecy\|forward secrecy]])}}\| {{No}} \|\| {{No}} \|\| {{Yes}} \|\| {{Yes}} \|\| {{Yes}} \|\| {{Yes}} \|-!{{Depends\|[[Diffie–Hellman key exchange\|DH]]-[[Digital Signature Algorithm\|DSS]]}}\| {{No}} \|\| {{Yes}} \|\| {{Yes}} \|\| {{Yes}} \|\| {{Yes}} \|\| {{N/A\|No}} \|-!{{Good\|[[Diffie–Hellman key exchange\|DHE]]-[[Digital Signature Algorithm\|DSS]] ([[#Forward secrecy\|forward secrecy]])}}\| {{No}} \|\| {{Yes}} \|\| {{Yes}} \|\| {{Yes}} \|\| {{Yes}} \|\| {{N/A\|No}}<ref>{{cite web\|url=https://www.ietf.org/mail-archive/web/tls/current/msg17680.html\|title=Consensus: remove DSA from TLS 1.3\|date=September 17, 2015\|author=Sean Turner\|url-status=live\|archiveurl=https://web.archive.org/web/20151003193113/http://www.ietf.org/mail-archive/web/tls/current/msg17680.html\|archivedate=October 3, 2015\|df=}}</ref> \|-!{{Depends\|[[Elliptic-curve Diffie–Hellman\|ECDH]]-[[Elliptic Curve DSA\|ECDSA]]}}\| {{No}} \|\| {{No}} \|\| {{Yes}} \|\| {{Yes}} \|\| {{Yes}} \|\| {{N/A\|No}} \|-!{{Good\|[[Elliptic-curve Diffie–Hellman\|ECDHE]]-[[Elliptic Curve DSA\|ECDSA]] ([[#Forward secrecy\|forward secrecy]])}}\| {{No}} \|\| {{No}} \|\| {{Yes}} \|\| {{Yes}} \|\| {{Yes}} \|\| {{Yes}} \|-!{{Depends\|[[TLS-PSK\|PSK]]}}\| {{No}} \|\| {{No}} \|\| {{Yes}} \|\| {{Yes}} \|\| {{Yes}} \| \|-!{{Depends\|[[Pre-shared key\|PSK]]-[[RSA (cryptosystem)\|RSA]]}}\| {{No}} \|\| {{No}} \|\| {{Yes}} \|\| {{Yes}} \|\| {{Yes}} \| \|-!{{Good\|[[Diffie–Hellman key exchange\|DHE]]-[[Pre-shared key\|PSK]] ([[#Forward secrecy\|forward secrecy]])}}\| {{No}} \|\| {{No}} \|\| {{Yes}} \|\| {{Yes}} \|\| {{Yes}} \|\| {{Yes}} \|-!{{Good\|[[Elliptic-curve Diffie–Hellman\|ECDHE]]-[[Pre-shared key\|PSK]] ([[#Forward secrecy\|forward secrecy]])}}\| {{No}} \|\| {{No}} \|\| {{Yes}} \|\| {{Yes}} \|\| {{Yes}} \|\| {{Yes}} \|-!{{Depends\|[[TLS-SRP\|SRP]]}}\| {{No}} \|\| {{No}} \|\| {{Yes}} \|\| {{Yes}} \|\| {{Yes}} \| \|-!{{Depends\|[[Secure Remote Password protocol\|SRP]]-[[Digital Signature Algorithm\|DSS]]}}\| {{No}} \|\| {{No}} \|\| {{Yes}} \|\| {{Yes}} \|\| {{Yes}} \| \|-!{{Depends\|[[Secure Remote Password protocol\|SRP]]-[[RSA (cryptosystem)\|RSA]]}}\| {{No}} \|\| {{No}} \|\| {{Yes}} \|\| {{Yes}} \|\| {{Yes}} \| \|-!{{Depends\|[[Kerberos (protocol)\|Kerberos]]}}\| {{No}} \|\| {{No}} \|\| {{Yes}} \|\| {{Yes}} \|\| {{Yes}} \| \|-! {{Bad\|[[Diffie–Hellman key exchange\|DH]]-ANON (insecure)}}\| {{N/a\|No}} \|\| {{No\|Yes}} \|\| {{No\|Yes}} \|\| {{No\|Yes}} \|\| {{No\|Yes}} \| \|-! {{Bad\|[[Elliptic-curve Diffie–Hellman\|ECDH]]-ANON (insecure)}}\| {{N/a\|No}} \|\| {{N/a\|No}} \|\| {{No\|Yes}} \|\| {{No\|Yes}} \|\| {{No\|Yes}} \| \|-!{{Good\|[[GOST\|GOST R 34.10-94 / 34.10-2001]]<ref name=gostlink>[//tools.ietf.org/html/draft-chudov-cryptopro-cptls-04 draft-chudov-cryptopro-cptls-04 – GOST 28147-89 Cipher Suites for Transport Layer Security (TLS)]</ref>}}\| {{No}} \|\| {{No}} \|\| {{Yes}} \|\| {{Yes}} \|\| {{Yes}} \| \|Proposed in RFC drafts \|} == Dukungan untuk server virtual berbasis nama ==

Keamanan Lapisan Transportasi: Perbedaan antara revisi