National Security Agency issues guidance on how to replace obsolete encryption protocols. Agency says outdated protocols can enable unauthorized network access to nation-state actors. Agency: Use of weak, compromised or revoked certificates for TLS can lead to man-in-the-middle attacks. Agency also recommends that organizations only use the TLS 1.2 or SSL 1.3 versions of the protocol. Agency has released on GitHub a free detection tool for identifying obsolete TLS versions in their systems. The agency notes that organizations running out-of-date versions of TLS tools should disable those tools.”]
Source: https://www.cuinfosecurity.com/nsa-releases-guidance-on-obsolete-encryption-tools-a-15711