关键词: SSL TLS 独立端口 磋商升级

Abstract:

Most SSL/TLS-based security applications adopt two strategies： the separate port strategy and the upward negotiation strategy. This paper discusses t he principle of the two strategies and compares the advantages and disadvantages of the two, and then analyzes the problems of downgrade attacks and the difference of semantics causing connection failures which emerge when the two strategies are being implemented. And the solutions to these problems are  also promoted.

Key words: SSL, TLS, separate port, upward negotiation