SSL 2.0

E6788
cryptographic protocol network security protocol obsolete protocol

SSL 2.0 is an early, now-obsolete version of the Secure Sockets Layer protocol that provided encrypted communication over networks before being replaced by more secure successors like TLS.

Aliases (3)
Statements (48)
Predicate Object
instanceOf cryptographic protocol
network security protocol
obsolete protocol
abbreviationFor Secure Sockets Layer version 2.0
belongsToCategory Internet protocols
transport layer security protocols
designedFor encrypted communication over computer networks
securing HTTP traffic
securing TCP connections
developedBy Netscape Communications
disabledByDefaultIn modern web browsers
modern web servers
enables confidentiality
integrity
server authentication
follows SSL 1.0
hasProperty does not protect the integrity of the handshake
no support for strong modern ciphers
supports only server authentication by default
vulnerable to man-in-the-middle attacks
vulnerable to truncation attacks
weak MAC construction
weak key material generation
hasVersionNumber 2.0
historicalRole early standard for securing web traffic
foundation for later SSL and TLS versions
introducedInYear 1995
notRecommendedBy IETF
security best practices
partOf Secure Sockets Layer
precedes SSL 3.0
TLS 1.0
prohibitedBy RFC 6176
prohibitedIn TLS protocol specifications
replacedBy SSL 3.0
TLS 1.0
Transport Layer Security
specifiedIn RFC 6176 (prohibition of SSL 2.0)
status deprecated
insecure
obsolete
supports X.509 certificates
usedPortTypically TCP port 443
usedWith HTTPS
early secure web applications
uses message authentication codes
public key cryptography
symmetric key cryptography
Referenced by (10)
Subject (surface form when different) Predicate
RFC 6176 ("SSL 2.0 is obsolete")
RFC 6176 ("SSL 2.0 is insecure")
reason
SSL 2.0 ("Secure Sockets Layer version 2.0")
abbreviationFor
RFC 6176
deprecates
RFC 6176
disallowsUseOf
SSL 3.0
follows
SSL
hasVersion
RFC 6176
obsoletesProtocol
RFC 6176
prohibitsUseOf
TLS
successorTo
Please wait…