Stream: implementers
Topic: TLS 1.2 or higher
John Moehrke (Jun 26 2018 at 21:06):
The Security WG is considering setting a minimum requirement of TLS 1.2 or higher. We understand that there might be legacy systems that do not yet support TLS 1.2, but need to understand how large the impact would be. Please let me know if you have systems that would not be able to support TLS 1.2 or higher?
Note that IETF Best Current Practice allows TLS 1.1 only where the two systems do not support TLS 1.2, and only allows TLS 1.0 when the two systems do not support TLS 1.1 or TLS 1.2. https://tools.ietf.org/html/bcp195
Note that PCI recommendations specify TLS 1.1 or higher, with a recommendation to use TLS 1.2 https://blog.pcisecuritystandards.org/migrating-from-ssl-and-early-tls
Kevin Shekleton (Jun 27 2018 at 19:24):
For those that want to respond, please do so here so that we don't bisect this conversation :-)
Last updated: Apr 12 2022 at 19:14 UTC
