NSA Urges System Administrators To Replace Obsolete TLS Protocols

The US National Security Agency has issued a security advisory this month urging system administrators in federal agencies and beyond to stop using old and obsolete TLS protocols. From a report: "NSA recommends that only TLS 1.2 or TLS 1.3 be used; and that SSL 2.0, SSL 3.0, TLS 1.0, and TLS 1.1 not be used," the agency said. "Using obsolete encryption provides a false sense of security because it seems as though sensitive data is protected, even though it really is not," the agency added. Even if TLS 1.2 and TLS 1.3 are deployed, the NSA warns against configuring these two protocols with weak cryptographic parameters and cipher suites. Read more of this story at Slashdot.

NSA Urges System Administrators To Replace Obsolete TLS Protocols

The US National Security Agency has issued a security advisory this month urging system administrators in federal agencies and beyond to stop using old and obsolete TLS protocols. From a report: "NSA recommends that only TLS 1.2 or TLS 1.3 be used; and that SSL 2.0, SSL 3.0, TLS 1.0, and TLS 1.1 not be used," the agency said. "Using obsolete encryption provides a false sense of security because it seems as though sensitive data is protected, even though it really is not," the agency added. Even if TLS 1.2 and TLS 1.3 are deployed, the NSA warns against configuring these two protocols with weak cryptographic parameters and cipher suites.

Read more of this story at Slashdot.