[gnutls-devel] GnuTLS | Do not enable TLS 1.0 and TLS 1.1 by default (#940)

Development of GNU's TLS library gnutls-devel at lists.gnutls.org
Mon Feb 17 09:25:45 CET 2020

Nikos Mavrogiannopoulos created an issue: https://gitlab.com/gnutls/gnutls/issues/940

TLS 1.1 and 1.0 are being phased out from the browsers:
 * [Chrome](https://www.ghacks.net/2019/10/02/tls-1-0-and-1-1-deprecation-chrome-to-display-your-connection-is-not-fully-secure-warnings/)
 * [Firefox](https://www.ghacks.net/2019/09/29/mozilla-disables-tls-1-0-and-1-1-in-firefox-nightly-in-preparation-of-deprecation/)
and operating systems:
 * [RHEL 8](https://www.redhat.com/en/blog/consistent-security-crypto-policies-red-hat-enterprise-linux-8)

None of these remove it as it is still necessary for accessing legacy systems. We should disable it by default and allow applications that require it, to enable it.

Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/issues/940
You're receiving this email because of your account on gitlab.com.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20200217/ae0c39a1/attachment.html>

More information about the Gnutls-devel mailing list