This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthor

Only authorized users are allowed to rename pages.

Only authorized users are allowed to delete pages.

Page revision history

Version Date Modified Size Author Changes ... Change note

Page References

Incoming links Outgoing links
Deprecating TLSv1.0 and TLSv1.1
Deprecating TLSv1.0 and TLSv1.1

Version management

Difference between version and

At line 1 added 37 lines
!!! Overview
[{$pagename}] is an [Internet Draft] which [Deprecated] [Transport Layer Security] ([TLS 1.0]) [versions] 1.0 [RFC 2246] and [TLS 1.1] [RFC 4346] were superseded by [TLS 1.2] [RFC 5246] in [2008|Year 2008], which has now itself been superseded by [TLS 1.3] [RFC 8446] in August [2018|Year 2018]
It is therefore timely to further deprecate these old [versions].
Technical reasons for deprecating these versions include:
* They require [implementation] of older [Cipher Suites] that are no longer desirable for [cryptographic] reasons, e.g. [TLS 1.0] makes TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA mandatory to implement
* Lack of support for current recommended cipher suites, especially using [AEAD] [ciphers] which are not supported prior to [TLS 1.2].
** Note: [IANA Registry] entries for no-longer-desirable [Cipher Suites] remain in the [registries|IANA Registry], but many [TLS] registries are being updated through [RFC 8447] which denotes such entries as "[NOT RECOMMENDED]."
* Integrity of the handshake depends on [SHA-1] [hash]
* Authentication of the peers depends on [SHA-1] [Digital Signatures]
* Support for four [protocol] [versions] increases the likelihood of misconfiguration
* At least one widely-used library has plans to drop TLSv1.1 and TLSv1.0 support in upcoming releases; products using such libraries would need to use older versions of the libraries to support TLSv1.0 and TLSv1.1, which is clearly undesirable
!! [Browsers] and [{$pagename}]
[Google]'s [Chrome], [Mozilla]'s [Firefox], [Microsoft]'s [Edge] and [Internet Explorer] 11, and [Apple]’s [Safari] [browser] are all due to revoke support for [TLS 1.0] and [TLS 1.1] by March 31, [2020|Year 2020].
!! More Information
There might be more information for this subject on one of the following:
[{ReferringPagesPlugin before='*' after='\n' }]
----
* [#1] - [Deprecating TLSv1.0 and TLSv1.1|https://tools.ietf.org/html/draft-ietf-tls-oldversions-deprecate-06|target='_blank'] - based on information obtained 2020-01-12
This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthorTop