The National Cyber Security Center (NCSC) has published an update to their guideline for securely configuring the Transport Layer Security (TLS) protocol.
TLS is the most widely used protocol to secure connections on the Internet. A well-known example of a TLS application is the secure connection via "https" required for Web sites or Web applications. TLS is also used in e-mail traffic and setting up a VPN connection.
The TLS protocol is also known as the Secure Sockets Layer (SSL) protocol. However, SSL is no longer considered secure and therefore should no longer be used. However, the term SSL is still often used when talking about securing connections.
The TLS protocol ensures the confidentiality and integrity of a connection. The techniques and methods available within the protocol are no longer all considered secure. This is because, for example, some encryption techniques are no longer strong enough or because of design flaws that have come to light. When an insecure configuration of this protocol is used, malicious people can take advantage of it. In addition, an insecure configuration can also affect the availability of a connection because client applications, such as a Web browser, may decide not to support older versions, making a connection no longer possible.
So it is important that the configuration of this protocol is done properly and also checked periodically. The NCSC's guideline provides insight into configurations and categorizes whether they:
safe,
need to be phased out or
should no longer be used.
Download 'ICT security guidelines for Transport Layer Security (TLS) v2.1'
Source: Digital Trust Center
