Home Library Learn Downloads Support Community
Sign in | United States - English | |
This topic has not yet been rated - Rate this topic

6 Appendix A: Product Behavior

The information in this specification is applicable to the following Microsoft products or supplemental software. References to product versions include released service packs:

  • Microsoft Windows NT® operating system

  • Microsoft Windows® 2000 operating system

  • Windows® XP operating system

  • Windows Server® 2003 operating system

  • Windows Server® 2003 operating system with Service Pack 1 (SP1)

  • Windows Server® 2003 R2 operating system

  • Windows Vista® operating system

  • Windows Server® 2008 operating system

  • Windows® 7 operating system

  • Windows Server® 2008 R2 operating system

  • Windows® 8 Consumer Preview operating system

  • Windows Server® 8 Beta operating system

Exceptions, if any, are noted below. If a service pack or Quick Fix Engineering (QFE) number appears with the product version, behavior changed in that service pack or QFE. The new behavior also applies to subsequent service packs of the product unless otherwise specified. If a product edition appears with the product version, behavior is different in that product edition.

Unless otherwise specified, any statement of optional behavior in this specification that is prescribed using the terms SHOULD or SHOULD NOT implies product behavior in accordance with the SHOULD or SHOULD NOT prescription. Unless otherwise specified, the term MAY implies that the product does not follow the prescription.

<1> Section 1: Windows 7, Windows Server 2008 R2, Windows 8 Consumer Preview, and Windows Server 8 Beta implement TLS 1.2 as specified mainly in [RFC5246] with extensions from [RFC4366] and [RFC4681], additional cipher suites from [RFC3268], [RFC4492], [RFC5289], TLS 1.1 from [RFC4346], and SSL from [SSL3]. Windows Vista and Windows Server 2008 implement TLS 1.0 as specified mainly in [RFC2246] with extensions from [RFC3546] and [RFC4681], additional cipher suites from [RFC3268] and [RFC4492], and SSL from [SSL3]. In Windows Server 2003 and Windows XP, TLS was implemented with [RFC2246] and [RFC4681], SSL from [SSL3], and PCT from [PCT1]. Windows NT and Windows 2000 implement SSL from [SSL3] and PCT from [PCT1].

<2> Section 2.2.1: Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8 Consumer Preview, and Windows Server 8 Beta support [RFC4492], except for ECDH cipher suites.

<3> Section 2.2.1: Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8 Consumer Preview, and Windows Server 8 Beta support [RFC4492], except for not allowing cipher suites where the number of bits used in the public key algorithm is less than the number of bits used in the signing algorithm.

<4> Section 2.2.1: Windows accepts a unified format Client Hello message even when SSL version 2 is disabled.

<5> Section 2.2.2: Windows has a decoupling of the network layer from the SSL/TLS layer and thus will not be able to ensure alert messages are sent.

<6> Section 2.2.3: Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8 Consumer Preview, and Windows Server 8 Beta support sending and receiving the Certificate Status Request extension from [RFC4366] and [RFC3546].

<7> Section 2.2.3: Windows supports sending and receiving the User Mapping extension using UPN domain hint from [RFC4681].

<8> Section 2.2.3: Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8 Consumer Preview, and Windows Server 8 Beta support sending the Server Name Indications from [RFC4366] and [RFC3546] in the ClientHello. Windows 8 Consumer Preview and Windows Server 8 Beta support sending and receiving the Server Name Indications.

<9> Section 2.2.4: Windows does not require that the signing algorithm used by the issuer of a certificate match the algorithm in the end certificate.

<10> Section 2.2.4: Windows does not require particular key usage extension bits to be set in certificates.

<11> Section 2.2.4: Windows omits the root certificate by default when sending certificate chains.

<12> Section 3.1.5: If a session fails during bulk data transfer, Windows does not prevent attempted resumption of the session.

<13> Section 3.1.5: Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8 Consumer Preview, and Windows Server 8 Beta do not support or process extensions within the Certificate Status Request extension.

<14> Section 3.1.5: Windows does not ignore a HelloRequest received even in the middle of a handshake.

<15> Section 3.1.5: Windows ignores both unrequested and duplicate extensions in both ClientHello and ServerHello.

 
Did you find this helpful?
(1500 characters remaining)