TLSv1.2 is secure only when it is configured properly!
TLSv1.2 is a revision to the TLSv1.1 and was released in August of 2008. Just like previous revisions to TLS, this revision aims at improving the security of the protocol by improving the encryption and hashing standards. One of the primary goals of the TLS 1.2 revision was to remove the protocol’s dependency on the MD5 and SHA-1 digest algorithms.
Are you a developer? Get started with crucial implementation details above.
Are you an IT administrator? Get started with best practice setup details above.
Are you a Manager? Get started with best practice setup details above.
Best Practices and Advisories:
- (Best Practice) TLS 1.2 uses Auth-then-Encrypt, or MAC-then-Encrypt, which is known to be vulnerable:
Check out the RFC for Encrypt-then-Auth. note: this is addressed in TLS 1.3, so upgrade if you can!
For more details check the FAQ for this algorithm.