Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Disable TLSv1.1 by default #108057

Open
EvanXiaa opened this issue Apr 30, 2024 · 1 comment
Open

Disable TLSv1.1 by default #108057

EvanXiaa opened this issue Apr 30, 2024 · 1 comment
Labels
>enhancement :Security/TLS SSL/TLS, Certificates Team:Security Meta label for security team team-discuss

Comments

@EvanXiaa
Copy link

Description

Hi everyone!

In #37512, #37788, #37793, we have removed the default usage of TLSv1.

Given that both TLS 1.0 and 1.1 were deprecated in Mar 2021 with IETF RFC 8996, it seems we should also consider removing the default support to TLSv1.1 in future versions or providing a deprecation warning for it.
@EvanXiaa EvanXiaa added >enhancement needs:triage Requires assignment of a team area label labels Apr 30, 2024
@pxsalehi pxsalehi added the :Security/TLS SSL/TLS, Certificates label Apr 30, 2024
@EvanXiaa EvanXiaa mentioned this issue Apr 30, 2024
Merged
@elasticsearchmachine elasticsearchmachine added Team:Security Meta label for security team and removed needs:triage Requires assignment of a team area label labels Apr 30, 2024
@elasticsearchmachine
Copy link
Collaborator

Pinging @elastic/es-security (Team:Security)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
>enhancement :Security/TLS SSL/TLS, Certificates Team:Security Meta label for security team team-discuss
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@gwbrown @pxsalehi @elasticsearchmachine @EvanXiaa