curl / Mailing Lists / curl-library / Single Mail

curl-library

on the topic of browsers deprecating TLS 1.0/1.1

From: Daniel Stenberg via curl-library <curl-library_at_cool.haxx.se>
Date: Wed, 17 Oct 2018 09:07:21 +0200 (CEST)

Hey,

The four major browsers (Firefox, Chrome, Edge and Safari) have all
coordinated the deprecation of TLS 1.0 and 1.1 (see [1] for technial details).
To be removed in March 2020, so still quite a long time away I think.

I don't think this is a reason enough for us to act in any particular way
short-term. We can possibly consider also bumping our lowest acceptable
default version in the future, but I rather just wait this transition out a
bit first to see where it goes.

curl is usually rather conservative, but we also need to offer "safe" and
"reasonable" defaults to users.

[1] = https://tools.ietf.org/html/draft-ietf-tls-oldversions-deprecate-00

-- 
  / daniel.haxx.se
-------------------------------------------------------------------
Unsubscribe: https://cool.haxx.se/list/listinfo/curl-library
Etiquette:   https://curl.haxx.se/mail/etiquette.html

Received on 2018-10-17

This message: [ Message body ]
Next message: Daniel Stenberg via curl-library: "Re: Plans to switch Visual Studio pre-generated project files from OpenSSL 1.0.2 to 1.1.1"
Previous message: Daniel Stenberg via curl-library: "Re: make distclean fails for 7.61.1"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]