Re: [Tools-discuss] Phasing out TLS 1.0/1.1 on IETF services

Robert Sparks <rjsparks@xxxxxxxxxxx> · Mon, 27 Jun 2022 08:57:52 -0500



    I will make the change to configuration at CloudFlare tomorrow,
      early afternoon US Central. Only HTTPS traffic going through
      CloudFlare to *.ietf.org web services will be affected.
    RjS

    
    On 6/24/22 12:51 AM, Eric Vyncke
      (evyncke) wrote:

    
        Dear
            all, (please reply to
            tools-discuss@xxxxxxxx
            only)
         
        Based on
            feedback from our penetration testing contractor, and
            taking RFC8996
            [1] into
            consideration,
          the IETF will begin
            phasing out TLS 1.0 and 1.1 on IETF services
            in the coming days, 
         
        We will begin
          [2] 
          with
            requiring TLS 1.2 and above at
          Cloudflare and
            monitor for issues
            [3]. We will
            then proceed making similar changes to other services.
         
        Regards,
         
        -éric
        (liaison to
            the tools team for the IESG)
         
        [1]
            https://datatracker.ietf.org/doc/html/rfc8996
            Deprecating TLS 1.0 and TLS 1.1
        [2]
            we will announce the change 24 hour in advance
        [3]
            monitoring potential drops in connection statistics as well
            as opened cases
         
         
      ___________________________________________________________
Tools-discuss mailing list - Tools-discuss@xxxxxxxx - https://www.ietf.org/mailman/listinfo/tools-discuss