On the 28th November 2017 IBM announced1 it would stop supporting TLS 1.0 and 1.1 in several of its cloud products as from the 1st of March 2018. TLS 1.2 will continue to be supported. The change follows IBM’s commitment to offering secure cloud services and adhere to industry best practices.
Transport Layer Security (TLS) is a cryptographic protocol that allows HTTPS to conduct secure transactions on the Internet. TLS 1.2 was drafted in RFC 52462 in August 2008 and later further refined in RFC 61760. TLS 1.3 is “in the making” as an IETF working draft3 since July 2017.
In order to connect to services that are affected the by the change (after 1st March 2018), users will be required to use a client that supports TLS 1.2.
Other organizations have either already disabled TLS 1.0 or have announced to do so. For example Trend Micro4 disabled TLS 1.0 earlier this year and TLS certificate provider Comodo5 did the same recently (in June 2017).
After numerous vulnerabilities allowed cyber criminals to break secure connections, the industry prompted for a quick adoption of TLS 1.2 and deprecate the earlier version. However, non updated software could still be requesting connections over TLS 1.0. The transition had to be smoooth. In fact, in March 2016 when MaxCDN announced6 it was deprecating TLS 1.0 concerns were raised by consumers that the move would leave web browsers in the older versions of Android deprived of connectivity.
- https://console.bluemix.net/docs/troubleshoot/appsectls.html#tlssupportwithdraw [return]
- https://tools.ietf.org/html/rfc5246 [return]
- https://tools.ietf.org/html/draft-ietf-tls-tls13-21 [return]
- https://success.trendmicro.com/solution/1116591-tls-1-0-will-be-disabled-on-march-4-2017 [return]
- https://www.comodo.com/e-commerce/ssl-certificates/tls-1-deprecation.php [return]
- MaxCDN: We will continue to support TLS 1.0 [return]
Author Ish Sookun