NSA security advisory on obsolete TLS configurations

[German]Information for administrators in server environments. Communication with (web) servers should be performed with current TLS 1.2 or TLS 1.3 encryption. Fallback to older TLS 1.0/1.1 or SSL standards should be removed. The US National Security Agency (NSA) has issued recommendations on this.


The National Security Agency (NSA) strongly recommends replacing outdated TLS protocol configurations with those that use strong encryption and authentication to protect all sensitive information. Over time, new attacks have been discovered against Transport Layer Security (TLS) and the algorithms used in these attacks. Network connections using outdated protocols are at increased risk of being exploited by attackers.

NSA-Empfehlungen zu TLS

Thorsten E. pointed out the NSA recommendations in the above tweet the other day, which can be read in the document Eliminating Obsolete Transport Layer Security (TLS) (PDF).

Cookies helps to fund this blog: Cookie settings

This entry was posted in Security and tagged . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *