<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; line-break: after-white-space;" class=""><div>Hi Rene,</div><div><br class=""><blockquote type="cite" class=""><div class=""><div class=""><div class="protected-part"><div class="protected-content">I have noticed quite the contrary. TLS v1.0 and TLS v1.1 is still in use,<br class="">even TLS v1.2 - many years after the standards were being published.<br class="">Adoption is very slow. I am sure that TLS v1.3 implementation will take a<br class="">couple of years.</div></div></div></div></blockquote><blockquote type="cite" class=""><div class=""><div class=""><div class="protected-part"><div class="protected-content">This being said, yes, the best practices and recommendations change, but<br class="">not as often as people buy new clients. The ACH guide is still valid for<br class="">most configurations.<br class=""></div></div></div></div></blockquote><div><br class=""></div><div>That’s the problem. There are some driving forces like Google[1], </div><div>Github[2] or Cloudflare[3] which usually are light-years ahead of the</div><div>majority of other companies. Generally it’s very safe to say that what</div><div>these companies do, can be considered as current best practice.</div><div><br class=""></div><div>Just to give a few examples..</div><div><br class=""></div><div>[1] <font color="#419cff" class=""><span style="caret-color: rgb(65, 156, 255);" class=""><u class=""><a href="https://tools.ietf.org/html/rfc7905" class="">https://tools.ietf.org/html/rfc7905</a></u></span></font></div><div>[2] <a href="https://githubengineering.com/crypto-removal-notice/" class="">https://githubengineering.com/crypto-removal-notice/</a> </div><div>[3] <a href="https://blog.cloudflare.com/introducing-tls-1-3/" class="">https://blog.cloudflare.com/introducing-tls-1-3/</a> </div><div><br class=""></div><div>Cheers</div><div>Dominic</div></div></body></html>