Research and Development

As previously mentioned in SSL: Light at the end of the tunnel, today is the day that our SSL recommendations officially change. From today onwards the Team recommend only TLS versions 1.1 and 1.2. Up until now the Team have accepted the need for SSLv3 and TLSv1 for compatibility reasons, however the time has come to cut the cord. The loss of compatibility should only affect legacy systems. If these systems cannot be updated to support the newer protocols, then weak SSL is likely to be the least of your security concerns!

The Team will continue to update the guide going forwards, and will highlight major changes on the blog. Whilst you’re checking out our updated recommendations, why not take a few extra minutes and look at our SSL Certificate Good Practise Guide?

Request to be added to the Portcullis Labs newsletter

We will email you whenever a new tool, or post is added to the site.

Your Name (required)

Your Email (required)