On Tue, Aug 06, 2024 at 05:02:14AM -0400, Neil Horman wrote:
> Neil Horman <nhor...@openssl.org>
> 4:19 AM (42 minutes ago)
> to openssl-security
>
> OpenSSL is currently considering the deprecation of the TLS 1.0/1.1
> protocols. Currently TLS 1.1 and TLS 1.0 are disabled at run time, and
> require enablement by reducing the ssl security level value.
>
> The current proposal under consideration is to explicitly disable TLS
> 1.0/1.1 at build time, in our 4.0 release (tentatively scheduled to release
> in the next 12-18 months), with an eye to completely remove the impacted
> code in a future major release. The default configuration could be
> overridden to re-enable TLS 1.0/1.1 at build time.
>
> Questions to the community are:
>
> 1) Are distributions/users comfortable with this approach in the time frame
> proposed?
>
> 2) Would builders of OpenSSL consider using the default configuration (with
> TLS 1.0/1.1 disabled in 4.0), or would they ship with these protocols
> re-enabled in their builds?
>
> 3) If the deprecated protocols are re-enabled, what would constitute a
> reasonable warning mechanism to inform users that these protocols are going
> away at some point in the future to pressure users to update to a newer,
> more secure protocol?
>
> Input on these questions is requested and appreciated.
I'm fine with this. Anyone who needs compatibility with obsolete protocols
should use a dedicated proxy. I would also be fine with dropping support for
non-AEAD ciphers in TLS 1.2.

-- 
Sincerely,
Demi Marie Obenour (she/her/hers)
Invisible Things Lab