# TLS Best Practices

## Certificate Verification

TLS certificate verification MUST be enabled. Disabling verification opens the application to man-in-the-middle attacks.

Authority: RFC 5246 Section 7.4.2

## Minimum Version

SSL TLS MUST NOT be disabled for backward compatibility. Legacy protocols contain known vulnerabilities that attackers can exploit.

Authority: OWASP Transport Layer Protection Cheat Sheet
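
One way to enforce and audit both rules in a Python client is sketched below. This is an added example, not part of the original page: the function names are hypothetical, and the TLS 1.2 floor is an assumption, since the page does not name a minimum version.

```python
import ssl

# Assumed protocol floor; the page itself does not name a version.
MIN_TLS = ssl.TLSVersion.TLSv1_2


def hardened_client_context() -> ssl.SSLContext:
    """Client context with verification on and legacy protocols refused."""
    # create_default_context() sets CERT_REQUIRED and check_hostname=True.
    ctx = ssl.create_default_context()
    ctx.minimum_version = MIN_TLS
    return ctx


def weak_client_context() -> ssl.SSLContext:
    """The misconfiguration the rules forbid, built only to exercise the audit."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False          # must be cleared before CERT_NONE
    ctx.verify_mode = ssl.CERT_NONE     # accepts any certificate
    ctx.minimum_version = ssl.TLSVersion.MINIMUM_SUPPORTED  # allows legacy
    return ctx


def audit_context(ctx: ssl.SSLContext) -> list[str]:
    """Return one finding per rule the context violates (empty list = pass)."""
    findings = []
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        findings.append("certificate verification is disabled")
    if not ctx.check_hostname:
        findings.append("hostname checking is disabled")
    # TLSVersion is an IntEnum; MINIMUM_SUPPORTED sorts below every real version.
    if ctx.minimum_version < MIN_TLS:
        findings.append(
            f"minimum version {ctx.minimum_version.name} is below {MIN_TLS.name}"
        )
    return findings


if __name__ == "__main__":
    for name, ctx in (("hardened", hardened_client_context()),
                      ("weak", weak_client_context())):
        print(name, audit_context(ctx) or "OK")
```

Calling `audit_context` at startup or in a unit test catches a context that was loosened elsewhere in the code base before it is used for a connection.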