Read Time:47 Seconds
- It’s Dangerous to Use Outdated TLS Security Protocols
- TLS 1.0 was first defined in RFC 2246 in January 1999 as an upgrade of SSL Version 3.0, and written by Christopher Allen and Tim Dierks of Consensus Development.
- In October 2018, Apple, Google, Microsoft, and Mozilla jointly announced they would deprecate TLS 1.0 and 1.1 in March 2020.
- You must disable support for SSLv2, SSLv3, and TLS 1.0 because they are outdated and vulnerable
- You should disable TLS 1.1 if you can because there are known security vulnerabilities such as vulnerable to BEAST and FREAK
- You should enable TLS 1.2 and 1.3 as these are the current and secure versions