Re: dovecot, openssl, TLS1.0
- Date: Mon, 5 Nov 2018 09:15:58 -0500
- From: Greg Wooledge <wooledg@xxxxxxxxxxx>
- Subject: Re: dovecot, openssl, TLS1.0
On Mon, Nov 05, 2018 at 01:36:10PM +0100, Jan Foniok wrote:
> What is the best way out? Can TLS1.0 and 1.1 be enabled?
TLS 1.0 is insecure and should never be used. TLS 1.1 is questionable.
If you google something like "tls 1.1 deprecated", you will get plenty
of results telling you why. The most official one I could find was this
IETF draft memo: