Next major release of Internet.nl will use the new TLS guidelines
When using the new TLS guidelines organizations can achieve secure TLS connections for their internet connections. The advised settings are future proof; as expected TLS connections which are secured according to the new guidelines will not require any modifications in the near future. At the same time the guidelines also ensure that systems remain interoperable and prevent TLS settings to be incompatible.
TLS is an open standard and forms the basis for other standards like HTTPS (secure website connections) and STARTTLS (secure mail server connections). The new TLS guidelines include TLS version 1.3 which was added to the ‘comply-or-explain’ list of the Dutch Standardisation Forum at the end of 2018. Besides the addition of TLS 1.3, the new TLS guidelines contain some other changes like the new security level “Phase out” for TLS versions 1.0 and 1.1. The Dutch Data Protection Authority stated that organizations which are still using ‘phased out’ TLS configuration settings, need to replace them in the near future since these settings might not meet the security requirements resulting from the GDPR.