April 8th, 2019

LuxSci to upgrade all Systems to support only TLS v1.2+ only

LuxSci will be removing the remaining support for TLS v1.0 and TLS v1.1 from its services starting July 1st, 2019. This update will be a rolling change to all servers that will take place between July 1st and August 31st, 2019.

TLS v1.0 and TLS v1.1 are very old transport security protocols that have been succeeded by the much more secure TLS v1.2, which came out way back in 2008. All major web browsers released in the last 6+ years support TLS 1.2. Older web browsers may or may not support it (check your browser); however, less than 1% of web traffic across the world actually use the older protocols

TLS 1.0 and 1.1. TLS 1.0 and 1.1 are showing their age and security weaknesses have been cropping up for a while. Requirements for PCI compliance have mandated using TLS 1.2+ only since last summer and NIST best practices for TLS usage suggest moving away from older versions of TLS soon. LuxSci has been locking down dedicated customers that require use of only TLS 1.2+ for some time as well. In 2020, most major web browser vendors will be completely dropping support for TLS 1.0 and 1.1 as well.

So, it really is time to give up the ghost. During the rolling maintenance period of July and August, LuxSci will be removing TLS 1.0 and 1.1 support on all dedicated and shared servers. This change affects:

  • Web site hosting (i.e., what TLS versions your LuxSci-hosted web site will accept).
  • Email sending via SMTP
  • Email checking via POP and IMAP
  • LuxSci’s WebMail and administration portals
  • LuxSci’s Spotlight Mailer interface
  • LuxSci’s SecureForm for posting services
  • Connections to LuxSci’s APIs
  • Email open and click tracking
  • SMTP Forced TLS. We will only support forced outbound TLS with SMTP servers that support TLS v1.2+. We may still support opportunistic TLS with legacy SMTP servers; however, we will no longer consider such communications to be secure enough for compliance.

In general, most customers will not notice any difference. However, if you use old, legacy systems (or your end users do) you will want to be sure that you either (a) upgrade your systems, or (b) ensure that these systems will support TLS 1.2 for connections to LuxSci’s servers. Check out our blog post that rates web browsers and email programs on their support for TLS. Look at the column “Revision 2 + TLS 1.2” to determine if your program +operating system will support TLS 1.2 with LuxSci.

For customers with dedicated servers that do not have specific compliance requirements (i.e., HIPAA or PCI), LuxSci can leave your server supporting TLS 1.0 and 1.1 through December 31st , 2019. If you require this extension, please contact LuxSci technical support.

Similar Posts:

    None Found

Leave a Comment

You must be connected or logged in to post a comment. This is to reduce spam comments.

If you have not previously commented, you can connect using existing social media account, or register with a new username and password.