[gnutls-devel] GnuTLS | Do not enable TLS 1.0 and TLS 1.1 by default (#940)

Development of GNU's TLS library gnutls-devel at lists.gnutls.org
Mon Feb 17 09:25:45 CET 2020



Nikos Mavrogiannopoulos created an issue: https://gitlab.com/gnutls/gnutls/issues/940



TLS 1.1 and 1.0 are being phased out from the browsers:
 * [Chrome](https://www.ghacks.net/2019/10/02/tls-1-0-and-1-1-deprecation-chrome-to-display-your-connection-is-not-fully-secure-warnings/)
 * [Firefox](https://www.ghacks.net/2019/09/29/mozilla-disables-tls-1-0-and-1-1-in-firefox-nightly-in-preparation-of-deprecation/)
and operating systems:
 * [RHEL 8](https://www.redhat.com/en/blog/consistent-security-crypto-policies-red-hat-enterprise-linux-8)

None of these remove it as it is still necessary for accessing legacy systems. We should disable it by default and allow applications that require it, to enable it.

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/issues/940
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20200217/ae0c39a1/attachment.html>


More information about the Gnutls-devel mailing list