%% You should probably cite rfc8996 instead of this I-D. @techreport{ietf-tls-oldversions-deprecate-04, number = {draft-ietf-tls-oldversions-deprecate-04}, type = {Internet-Draft}, institution = {Internet Engineering Task Force}, publisher = {Internet Engineering Task Force}, note = {Work in Progress}, url = {https://datatracker.ietf.org/doc/draft-ietf-tls-oldversions-deprecate/04/}, author = {Kathleen Moriarty and Stephen Farrell}, title = {{Deprecating TLSv1.0 and TLSv1.1}}, pagetotal = 22, year = 2019, month = may, day = 10, abstract = {This document, if approved, formally deprecates Transport Layer Security (TLS) versions 1.0 {[}RFC2246{]} and 1.1 {[}RFC4346{]} and moves these documents to the historic state. These versions lack support for current and recommended cipher suites, and various government and industry profiles of applications using TLS now mandate avoiding these old TLS versions. TLSv1.2 has been the recommended version for IETF protocols since 2008, providing sufficient time to transition away from older versions. Products having to support older versions increase the attack surface unnecessarily and increase opportunities for misconfigurations. Supporting these older versions also requires additional effort for library and product maintenance. This document also deprecates Datagram TLS (DTLS) version 1.0 {[}RFC6347{]} (but not DTLS version 1.2, and there is no DTLS version 1.1). This document updates many RFCs that normatively refer to TLSv1.0 or TLSv1.1 as described herein. This document also updates RFC 7525 and hence is part of BCP195.}, }