MS are basically doing the same by having their cloud apps reject clients that don't support TLS 1.2.Īlso, blanket enabling ANYTHING is just willful laziness. Google followed suit by blocking SHA-1 certificates in Chrome. ![]() They did it to businesses still running WinSvr2003 DCs by dropping support for RC4. In every respect TLS 1.2 is more secure than its predecessors which is why so many cloud services are dropping support for TLS 1.1 and below: it's the Apple strategy of forcing enterprises who are often slow moving on deploying security enhancements and upgrades to do so by letting things break for the people behind the curve. If you're talking about Heartbleed, the issue is not with the protocol itself but with openssl's implementation of the protocol. ![]() TLS 1.1 andġ.2 have known problems that prevents them from being secure. This is bad advice if you're running a secure environment.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |