[Ach] Recommendations for Secure Use of Transport Layer Security (TLS) and Datagram Transport Layer Security (DTLS)

Aaron Zauner azet at azet.org
Tue May 5 19:00:09 CEST 2015


SSLv2 + v3: MUST NOT
TLS 1.0 + 1.1: SHOULD NOT
TLS 1.2: MUST (support in implemenatations)


On Tue, May 5, 2015 at 6:59 PM, Aaron Zauner <azet at azet.org> wrote:

> Hi,
> Happy to announce that a long overdue IETF document has become an Internet
> Best Practice RFC today: https://www.rfc-editor.org/rfc/rfc7525.txt
> I think this document covers all current problems with TLS and how to
> avoid those pretty well (on a purely technical basis, no configuration
> samples as with this project, of course).
> Aaron
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cert.at/pipermail/ach/attachments/20150505/b4a55e48/attachment.html>

More information about the Ach mailing list