Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Listed.to server supports TLS 1.0 and 1.1 #226

Open
salixh5 opened this issue Jan 26, 2022 · 0 comments
Open

Listed.to server supports TLS 1.0 and 1.1 #226

salixh5 opened this issue Jan 26, 2022 · 0 comments
Assignees
@karolsojko

Comments

@salixh5
Copy link

salixh5 commented Jan 26, 2022
edited
Loading

10 years after the introduction of TLS 1.2, the previous protocol versions became deprecated in 2018. Now, another 4 years have passed. While I understand the need to support older clients, even big services like Microsoft 365 have long ceased to support these deprecated protocol versions.

I think Listed.to should consider the same step for their servers. You probably already are gathering stats on successful connections being made with them. From my experience it's probably well under 0.5% (but I don't exactly know the user demographic).

Edit: Of course, other improvements like employing a CAA policy etc. I would also like to see, especially because we're pointing our custom domains to the Listed.to servers, but TLS 1.0/1.1 is imo the most obvious issue, especially seeing as app.standardnotes.com does only support TLS 1.2 (but this one doesn't have HSTS, while listed.to has HSTS... confusing)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@karolsojko karolsojko

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@karolsojko @salixh5