> > That's precisely the problem: As long as you don't enforce STARTTLS, you > do not raise the bar or improve security by disabling TLS 1.0 or 1.1, > because the least secure "protocol", namely no encryption at all, is still > enabled. >
Yes! I entirely agree with that! Le jeu. 14 mars 2024 à 10:45, Gellner, Oliver via mailop <mailop@mailop.org> a écrit : > On 14.03.2024 at 09:37 Cyril - ImprovMX via mailop wrote: > > > We previously were accepting only TLS 1.2 and higher and I was surprised > to see the amount of senders not being able to find common ciphers (I had > mostly encounters with Cisco users), so we decided to also accept TLS 1.0 > and 1.1. > > But in my opinion, moving the needle upward by not accepting deprecated > versions would force those users to be compliant and improve the general > security. > > That's precisely the problem: As long as you don't enforce STARTTLS, you > do not raise the bar or improve security by disabling TLS 1.0 or 1.1, > because the least secure "protocol", namely no encryption at all, is still > enabled. > For services which only allow encrypted connections I'm all for removing > support for TLS 1.1 and everything below. But we cannot enforce TLS on the > public MX servers as long as no large ESPs make this move first. > > -- > BR Oliver > ________________________________ > > dmTECH GmbH > Am dm-Platz 1, 76227 Karlsruhe * Postfach 10 02 34, 76232 Karlsruhe > Telefon 0721 5592-2500 Telefax 0721 5592-2777 > dmt...@dm.de<mailto:dmt...@dm.de> * www.dmTECH.de<http://www.dmtech.de> > GmbH: Sitz Karlsruhe, Registergericht Mannheim, HRB 104927 > Geschäftsführer: Christoph Werner, Martin Dallmeier, Roman Melcher > ________________________________ > Datenschutzrechtliche Informationen > Wenn Sie mit uns in Kontakt treten, beispielsweise wenn Sie an unser > ServiceCenter Fragen haben, bei uns einkaufen oder unser dialogicum in > Karlsruhe besuchen, mit uns in einer geschäftlichen Verbindung stehen oder > sich bei uns bewerben, verarbeiten wir personenbezogene Daten. > Informationen unter anderem zu den konkreten Datenverarbeitungen, > Löschfristen, Ihren Rechten sowie die Kontaktdaten unserer > Datenschutzbeauftragten finden Sie hier< > https://www.dm.de/datenschutzerklaerung-kommunikation-mit-externen-493832 > >. > _______________________________________________ > mailop mailing list > mailop@mailop.org > https://list.mailop.org/listinfo/mailop >
_______________________________________________ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
