Actions
Todo #5984
closedDisable TLSv1.0 for web GUI
Start date:
03/12/2016
Due date:
% Done:
0%
Estimated time:
Plus Target Version:
Release Notes:
Description
While there are no known weaknesses in TLSv1.0 as we have it configured, it's increasingly triggering "vulnerability" reports from vulnerability scanners, and disabling it isn't going to cause significant compatibility issues at this point. IE versions prior to 11 are the only significant thing it will break, and those versions of IE have been unsupported since January. Our default TLS config hasn't worked in IE versions earlier than 10 in about a year anyway.
Leaving enabled for captive portal for now, as that's still likely to encounter a variety of old, unsupported browsers that are outside the admin's control.
Updated by Chris Buechler almost 9 years ago
- Status changed from New to Resolved
Actions