:-) On 7/2/21 3:56 PM, Bastian Blank wrote:
On Fri, Jul 02, 2021 at 03:14:58PM +0200, Marek Kozlowski wrote:It looks like '!TLSv1' is seen as something like "!TLSv1.x" ("no TLS 1.x at all") rather than "!TLSv1.0". Yes it is a stupid supposition but I cannot think of any other explanation. Is it possible?No, !TLSv1 means no TLS 1.0. The reason is more simple: there exist virtually no TLSv1.1 implementations as 1.2 was published only two years later, but there still exist quite some TLSv1.0 implementations in legacy systems. So all still existing systems support either 1.0, 1.2 or 1.3 (usually including all the older versions as well.)
But on the other hand it's hard to believe than some servers with a good reputation (according to https://talosintelligence.com) of reputable American universities still don't support TLS 1.2 nor 1.3... Do you suggest... they haven't upgraded their mail servers for over a decade? So I'm a bit confused.
Best regards, Marek
smime.p7s
Description: S/MIME Cryptographic Signature
