I was confused about TLSv1 and did a little research that I thought I'd share.
>From Intel's web site: As with any protocol, SSL has evolved from the initial 1.0 version into the most recent 3.0 version. Active development on SSLv3 has stopped, and the SSL protocol has been transitioned from a Netscape-owned standard into an open standard, which has been renamed Transport Layer Security (TLS), and is currently nearing version 1.0. The changes between SSLv3 and TLSv1 are relatively minor, however, there are some significant differences between earlier (SSLv1 and SSLv2) protocols and SSLv3. This is largely academic though, as SSLv2 has been found to have relatively major security issues, and nearly every SSL session that occurs today uses either SSLv3 or TLSv1. With that knowledge I found the RFC, 2246. http://www.ietf.org/rfc/rfc2246.txt Mike -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Victor Kirhenshtein Sent: Wednesday, February 27, 2002 1:48 PM To: Nessus-List Subject: NessusWX 1.3.3 is released Hello all! NessusWX version 1.3.3 is just released. Main difference from the previous release is in encryption: new version support user authentication using certificates, TLSv1 encryption method (which is the default since Nessus 1.1.13), while PEKS support is removed as obsolete. New version can be download from http://www.securityprojects.org/nessuswx . Best regards, Victor
