From 1fd57e57255cb7f6d76326a255a3a91d107cba89 Mon Sep 17 00:00:00 2001 From: Florian Floimair Date: Fri, 12 May 2023 16:51:39 +0200 Subject: [PATCH] tls: update documentation (TLS v1.0 & 1.1 deprecation) --- src/modules/tls/doc/params.xml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/src/modules/tls/doc/params.xml b/src/modules/tls/doc/params.xml index b51e5ce99a0..1e8ca7f3e94 100644 --- a/src/modules/tls/doc/params.xml +++ b/src/modules/tls/doc/params.xml @@ -105,9 +105,10 @@ If RFC 3261 conformance is desired, at least TLSv1 must be used. For compatibility with older clients SSLv23 is the option, but again, be aware - of security concerns, SSLv2/3 being considered very insecure by 2014. + of security concerns, SSLv2/3 as well as TLS v1.0 and v1.1 are being considered very insecure + and are therefore deprecated since March 2021 (RFC 8996). For current information about what's considered secure, please consult, - IETF BCP 195, currently RFC 7525 - "Recommendations for Secure Use of + IETF BCP 195, currently RFC 9325 - "Recommendations for Secure Use of Transport Layer Security (TLS) and Datagram Transport Layer Security (DTLS)"