HI,

TLS 1.3 makes perfect sense.

TLS 1.1 is thankfully pretty much outlawed now everywhere.
TLS 1,2 acceptable as a minimum.

Most frameworks and audit criteria looks to 1.3.

https://www.ncsc.gov.uk/pdfs/guidance/using-tls-to-protect-data.pdf

Who doesn't love and elliptical curve :)

Carol



On Fri, Dec 6, 2024 at 6:51 PM Salvatore D'Agostino <sal@idmachines.com> wrote:

Yes, interesting, passing along. Thanks Dan.

 

Building on TLS 1.3 for client/server makes a lot of sense.

 

Here is the technical article referenced in the blog post.

 

1063.pdf

 

The record layer effectively uses a receipt.

 

From: Daniel Schleifer <dan@idmachines.com>
Sent: Friday, December 6, 2024 1:00 PM
To: Salvatore D'Agostino <sal@idmachines.com>
Subject: Certificate usage

 

 

Hi Sal,

I saw this article and thought it was interesting.

 

 

_______________________________________________
A Community Group mailing list of KantaraInitiative.org
Wg-pemc mailing list -- wg-pemc@kantarainitiative.org
To unsubscribe send an email to staff@kantarainitiative.org
List archives --  https://mailman.kantarainitiative.org/hyperkitty/list/wg-pemc@kantarainitiative.org/
______
Group wiki -- https://kantara.atlassian.net/wiki/spaces/Wg-pemc