Cipher suite selection
Critical feedback and questions ahead.
I do not see a way to select or exclude insecure cryptographic suites in this product and I do not see a statement regarding the deprecation of TLS 1.0 and TLS 1.1. Are TLS 1.1 and TLS 1.0 going to be deprecated from storage?
Setting the cryptographic suites used for a connection just on the client is relying on the client to just ask for a secure client-side extension. When a tenant or on-premises environment is compromised, the attacker has access to the network traffic; our attacker will not observe the cryptographic suite limitation, and a properly positioned attacker could gain access to data by exploiting the weaker cryptographic suites.
If the service is not capable of such settings, please be direct in your language stating:
- We do not support TLS 1.3
- We do support cryptographic suites that are weak or insecure.
If these capabilities or any other capabilities are being planned, it would be nice to have some customer talking points to avoid the uncomfortable reality of the poor security conversation.
Document Details
⚠ Do not edit this section. It is required for docs.microsoft.com ➟ GitHub issue linking.
- ID: 0d6c9dfa-cb51-8e98-ce3e-68cfeb50c9dd
- Version Independent ID: 5364e068-0237-bbfd-e8a3-cb83ed210585
- Content: Enforce a minimum required version of Transport Layer Security (TLS) for incoming requests - Azure Storage
- Content Source: articles/storage/common/transport-layer-security-configure-minimum-version.md
- Service: storage
- Sub-service: common
- GitHub Login: @jimmart-dev
- Microsoft Alias: jammart
@ToddMaxey Thanks for the question! We are investigating and will update you shortly.
@ToddMaxey Apologies for the delayed response! I have assigned the issue to the content author to investigate further and update the document as appropriate.
Thank you for your dedication to our documentation.
We sincerely apologize for the delayed response. After a careful review, we are closing this issue. If you feel that the problem persists, please respond to this issue with additional information.
Please continue to provide feedback about the documentation. We appreciate your contributions to our community.
#please-close