On Sat, Jun 03, 2023 at 01:40:18AM +0000, Michael Lee via openssl-users wrote: > The problem is that TLS 1.0 is considered insecure and thus getting > "deprecated" in many situations (e.g. > https://aws.amazon.com/blogs/security/tls-1-2-required-for-aws-endpoints/) > despite its presence being allowed in the protocol standard. Thus, we > have end users that are instituting firewall rules to block packets > upon detecting presence of TLS 1.0... The firewall rules in question are broken. TLS record layer version is not the protocol version. There are no security issues with the TLS 1.0 record layer, it is essentially the same as the TLS 1.2 record layer. -- Viktor.
