SSL/TLS Deployment Best Practices Updated

I have just posted an update to the SSL Labs’s SSL/TLS Deployment Best Practices document. The new version is now entirely up-to-date, but the changes are largely incremental:

• Stronger wording to deploy 2048-bit keys (it’s getting difficult or impossible to get certificates for anything less, anyway), and upgrade the remaining 1024-bit keys by the end of 2013.
• Recommendation to use TLS 1.2 as main protocol.
• Added CRIME to the list of problems that need to be mitigated in configuration.
• Added more references for those who wish to research some of the topics.
• Added Extended Validation certificates and Public Key Pinning to the Advanced Topics section.
• Several smaller changes and clarifications throughout the document.