If someone is interested, we could potentially ask Binu if he has newer data available. He had done a presentation on the same data at M3AAWG a few years ago.
-- Alex Brotman Sr. Engineer, Anti-Abuse Comcast -----Original Message----- From: mailop [mailto:mailop-boun...@mailop.org] On Behalf Of Rohan Sheth Sent: Tuesday, May 22, 2018 11:06 AM To: mailop@mailop.org Subject: [EXTERNAL] Re: [mailop] Disabling TLS1.0 for SMTP On Tue, May 22, 2018, at 7:47 AM, Al Iverson wrote: > Are folks disabling TLS1.0 support in SMTP? Our security team has > asked, but I'm a bit concerned about potential failure cases when > trying to deliver mail to smaller corporate sites that might be doing > stuff like requiring TLS but supporting 1.0 only....is that really > much of a concern? Admittedly a few years old (March 2016) but Yahoo shared some data about TLS versions they see: https://yahoo-security.tumblr.com/post/141495385400/measuring-smtp-starttls-deployment-quality Scrolling down to the TLS Session section, it seems at the time they still saw a large volume of TLS 1.0. I would guess that it hasn't changed enough that it is OK to blanket disable TLS 1.0 today. -Rohan _______________________________________________ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop _______________________________________________ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop