listed icon indicating copy to clipboard operation
listed copied to clipboard
verified publisher icon standardnotes

Listed.to server supports TLS 1.0 and 1.1

Open salixh5 opened this issue 3 years ago • 0 comments

10 years after the introduction of TLS 1.2, the previous protocol versions became deprecated in 2018. Now, another 4 years have passed. While I understand the need to support older clients, even big services like Microsoft 365 have long ceased to support these deprecated protocol versions.

I think Listed.to should consider the same step for their servers. You probably already are gathering stats on successful connections being made with them. From my experience it's probably well under 0.5% (but I don't exactly know the user demographic).

Edit: Of course, other improvements like employing a CAA policy etc. I would also like to see, especially because we're pointing our custom domains to the Listed.to servers, but TLS 1.0/1.1 is imo the most obvious issue, especially seeing as app.standardnotes.com does only support TLS 1.2 (but this one doesn't have HSTS, while listed.to has HSTS... confusing)

salixh5 avatar Jan 26 '22 19:01 salixh5