- NEATS (Not Everything About TLS Security) is a brief summary of TLS security issues.
- Last update (content): 2020-12-21
- State: Will be updated within 1 week
This document, if approved, formally deprecates Transport Layer Security (TLS) versions 1.0 (RFC 2246) and 1.1 (RFC 4346). Accordingly, those documents (will be moved|have been moved) to Historic status. These versions lack support for current and recommended cryptographic algorithms and mechanisms, and various government and industry profiles of applications using TLS now mandate avoiding these old TLS versions. TLSv1.2 has been the recommended version for IETF protocols since 2008, providing sufficient time to transition away from older versions. Removing support for older versions from implementations reduces the attack surface, reduces opportunity for misconfiguration, and streamlines library and product maintenance.
- TLS vulnerabilities and security issues on different attack surfaces.
- Lots of test and verify works with all kinds of methods.
- Open source / online tools and measurement works.
- TLS 1.0~1.3 deployment?
- Difference caused by censorship?
- Alexa/Else Top 1M vulnerabilities?
- Protocol security OR implementation security?