From 452d2c59028b7aa9de9467826d62ff698848522f Mon Sep 17 00:00:00 2001
From: Matthias Andree <matthias.andree@gmx.de>
Date: Fri, 27 Aug 2021 01:16:48 +0200
Subject: README.SSL-SERVER: require TLS 1.2/1.3

---
 README.SSL-SERVER | 5 +++++
 1 file changed, 5 insertions(+)

(limited to 'README.SSL-SERVER')

diff --git a/README.SSL-SERVER b/README.SSL-SERVER
index 60a7d332..a5e07551 100644
--- a/README.SSL-SERVER
+++ b/README.SSL-SERVER
@@ -9,6 +9,11 @@ In order to let any mail client (not just fetchmail) verify server certificates
 properly, so that users can be sure their connection is not eavesdropped, there 
 are several requirements that need to be fulfilled.
 
+0. Provide modern TLS implementations:
+
+   Make sure the server supports TLS 1.2 and 1.3.
+   Older versions are deprecated and may preclude modern clients.
+
 1. Match certificate and DNS names:
 
    The server certificate's "common name" or "subject alternative name" must 
-- 
cgit v1.2.3