NSA urges system administrators to replace obsolete TLS protocols


The US National Security Agency has issued a security advisory [PDF] this month urging system administrators in federal agencies and beyond to stop using old and obsolete TLS protocols.

“NSA recommends that only TLS 1.2 or TLS 1.3 be used; and that SSL 2.0, SSL 3.0, TLS 1.0, and TLS 1.1 not be used,” the agency said.

“Using obsolete encryption provides a false sense of security because it seems as though sensitive data is protected, even though it really is not,” the agency added.

Read more…
Source: ZDNet