Prohibiting SSL Version 2.0

Document Type Replaced Internet-Draft (individual in sec area)
Author Sean Turner 
Last updated 2015-10-14 (latest revision 2010-07-26)
Replaced by RFC 6176
Stream Internet Engineering Task Force (IETF)
Intended RFC status Best Current Practice
Expired & archived
pdf htmlized bibtex
Stream WG state (None)
Document shepherd No shepherd assigned
IESG IESG state Replaced by draft-ietf-tls-ssl2-must-not
Action Holders
Consensus Boilerplate Unknown
Telechat date
Responsible AD Alexey Melnikov
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at


This document requires that when TLS clients and servers establish connections that they never negotiate the use of Secure Sockets Layer (SSL) version 2.0. This document updates the backward compatibility sections found in the Transport Security Layer (TLS) Protocol, RFC 5246.


Sean Turner (

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)