TLS 1.0 to 1.2, why?

Hi @sdayman,

Sorry for intruding on the thread, but could you tell me why it would be a good idea to change the Minimum TLS version from 1.0 to 1.2 minimum?

Thanks in advance! :slight_smile:

Because anything less than TLS 1.2 is not deemed to be secure any more, and in less than 12 months all the major browsers will stop supporting 1.0 and 1.1.

Save yourself the trouble of trying to figure out if you still need it any more, and just don’t support it from the beginning.

https://webkit.org/blog/8462/deprecation-of-legacy-tls-1-0-and-1-1-versions/

https://blogs.windows.com/msedgedev/2018/10/15/modernizing-tls-edge-ie11/

https://blog.mozilla.org/security/2018/10/15/removing-old-versions-of-tls/

4 Likes

Thank you very much, @michael!
A concise answer, full of references. It couldn’t be better. :blush:

1 Like

This topic was automatically closed after 30 days. New replies are no longer allowed.