> Granted, this isn't a binary "full security" or "no security"
> difference, but a balance, but still I would put up a red flag at anyone
> choosing TLS 1.2 while rejecting TLS 1.3. Some references:
>
> https://tolumichael.com/is-tls-1-2-deprecated-key-difference-from-tls-1-3/
> https://software.land/tls-1.2-vulnerability/
> https://developer.mozilla.org/en-US/docs/Web/Security/Transport_Layer_Security#tls_1.3

Your references merely say that unsafe options like RSA key exchange (having no forward secrecy) etc. have been removed from TLS 1.3. This makes it more difficult to shoot yourself in the foot, which is good. But again, I'd argue that most modern XMPP servers and clients (at least those implementing XEP-0440) use TLS 1.2 with a reasonable configuration (e.g. more or less matching that of TLS 1.3).

That said, somebody not wanting to implement TLS 1.3 but only 1.2 would indeed be a red flag. As far as TLS is concerned, version 1.3 is definitely the only sensible way forward.

-tmolitor
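An added example, not part of the message above or of any XMPP project's code: one way to check that a TLS 1.2 configuration has the two properties the thread is about, forward secrecy and AEAD-only suites, using Python's `ssl` module. The function names and the cipher string are choices made for this illustration.

```python
import ssl

# Key-exchange labels OpenSSL reports for ephemeral (forward-secret) exchanges.
FS_KEX = {"kx-ecdhe", "kx-dhe"}


def tls13_like_context():
    """Client context: TLS 1.2 minimum, TLS 1.2 suites limited to ECDHE + AEAD."""
    ctx = ssl.create_default_context()
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    # This string only governs TLS <= 1.2 suites; TLS 1.3 suites are
    # configured separately by OpenSSL and stay enabled.
    ctx.set_ciphers("ECDHE+AESGCM:ECDHE+CHACHA20")
    return ctx


def tls12_suites(ctx):
    """Names of the enabled suites that OpenSSL labels as TLS 1.2."""
    return [c["name"] for c in ctx.get_ciphers() if c["protocol"] == "TLSv1.2"]


def audit(ctx):
    """Names of enabled pre-1.3 suites lacking forward secrecy or AEAD."""
    weak = []
    for c in ctx.get_ciphers():
        if c["protocol"] == "TLSv1.3":
            continue  # every TLS 1.3 suite is ephemeral and AEAD by design
        if c["kea"] not in FS_KEX or not c["aead"]:
            weak.append(c["name"])
    return weak


if __name__ == "__main__":
    hardened = tls13_like_context()
    print("TLS 1.2 suites offered:", tls12_suites(hardened))
    print("weak suites (hardened):", audit(hardened))
    # For comparison: whatever this Python/OpenSSL build enables by default.
    print("weak suites (default): ", audit(ssl.create_default_context()))
```

The default-context line depends on the local Python and OpenSSL build, so its output varies between systems; the hardened context should report no weak suites.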
