TLS 1.0 to 1.2 and NIST TLS Cipher Updates: Email Program and Web Browser Compatibility Issues
It happens at least every few years: system administrators need to update the security configuration of their servers to keep up with the latest best practices and to close newly found security issues(i.e., via changes to recommended TLS ciphers and protocols). These updates can be rocky. Change often introduces incompatibilities that prevent certain systems or programs from being able to connect to the updated systems.
In this article we are going to look at what email program an web browser incompatibilities arise when you migrate from using the “old standard:” TLS v1.0+ and the ciphers recommend by NIST 800-52r1 to using either TLS v1.0+ and the new NIST 800-52r2 ciphers or TLS v1.2+ and the new NIST 800-52r2 ciphers.
- PCI requires that servers that need to be PCI complaint use only TLS v1.1+ (which really means v1.2+) by the end of June, 2018.
- NIST 800-52r2 is in draft, but its updated cipher list removes many ciphers from revision 1 that are now considered “weak” and introduces a number of new, better ciphers. Administrators should be moving towards NIST 800-52r2 cipher support as a best practice.
- Organizations that require HIPAA compliance should also follow the NIST guidelines and prepare NIST 800-52r2 support and, where possible, eventually eliminate pre-TLS 1.2 support. See: What level of TLS is required for HIPAA compliance?
Three TLS/Protocol/Cipher Test Cases
In the following sections, we will look at 3 different server configurations and analyze how moving between them will affect the ability of various web browsers and email programs to connect to the server and successfully negotiate TLS. This will help you prepare for these security upgrades.
The three test cases:
- Baseline: TLS 1.0+ with the old, standard NIST 800-52r1 ciphers
- Revision 2: TLS 1.0+ with the new, proposed NIST 800-52r2 ciphers
- Revision 2 + TLS 1.2: TLS 1.2+ with the new, proposed NIST 800-52r2 ciphers
To get a list of the ciphers in each of these chases, refer to the post: What level of TLS is required for HIPAA compliance?
Web Browser Compatibility
We tested web browser compatibility by configuring a web site using each of the three test cases and then performing an SSL Labs scan.
|Web Browser||Baseline||Revision 2||Revision 2 + TLS 1.2|
|Android 2.3.7 – 4.3|
|Chrome 49/XP SP3|
|Chrome 57/Windows 7|
|Firefox 31.3.0 ESR / Win 7|
|Firefox 47 / Win 7|
|Firefox 49 / XP SP3|
|Firefox 53 / Win 7|
|IE 10/Windows Phone 8|
|IE 11/Windows Phone 8.1|
|Edge 13/Win Phone 10|
|Safari 6+/ iOS 6+|
|Safari 5.1.9 / Mac OS X 10.6.8|
|Safari 6.0.4 / Mac OS X 10.8.4|
|Safari 7+ / Mac OS X 10.9+|
So, upgrading the ciphers to NIST 800-52r2 for your web sites will improve security without impacting compatibility. LuxSci uses NIST 800-52r2 for all of its hosted web sites for this reason. If you want to lock down your web site to TLS 1.2+, you will lose compatibility with some older Microsoft browsers and some old libraries (java and openssl) which may or may not be important for your infrastructure. For this reason, LuxSci does not lock hosted web sites down to TLS 1.2+ unless that is requested by our customers.
Email Program Compatibility
We tested email program browser compatibility by configuring an IMAP/SMTP site using each of the three test cases and then manually testing connectivity from each of the listed email program / operating system combinations (yes, a lot of virtual machines).
|Email Program||Baseline||Revision 2||Revision 2 + TLS 1.2|
|Oulook 2003 / Win XP (up to SP3)|
|Outlook 2003 / Vista|
|Outlook 2003 / Win7|
|Outlook 2003 / Win8+|
|Oulook 2007 / Win XP (up to SP3)|
|Outlook 2007 / Vista|
|Outlook 2007 / Win7|
|Outlook 2007 / Win8+|
|Oulook 2010 / Win XP SP3|
|Outlook 2010 / Vista|
|Outlook 2010 / Win7|
|Outlook 2010 / Win8+|
|Outlook 2013 / Win7|
|Outlook 2013 / Win8+|
|Outlook 2016 / Win7|
|Outlook 2016 / Win8+|
|Outlook 2011 / Mac OSX 10.11-10.13|
|Outlook 2016 / Mac OSX 10.11-10.13|
|Mac Mail / Mac OSX 10.11|
|Mac Mail / Mac OSX 10.12+|
|Mail / iOS 11+|
|Mail / Android 5+|
|Thunderbird 24.2 / Win XP+ or Mac 10.11+|
|Thunderbird 45.6 / Win XP+ or Mac 10.11+|
|Thunderbird 52.8 / Win XP+ or Mac 10.11+|
Just like with web sites, moving to the updated NIST 800-52r2 ciphers does not really introduce any compatibility issues — unless, of course, you are using Outlook 2011 on a Mac. Switching to TLS 1.2+ will spell trouble for people using Outlook on Windows 7 or earlier, Mac Mail on Mac 10.11 (El Capitan) or earlier, and those using very old versions of Thunderbird.
LuxSci continues to support TLS 1.0+ for general compatibility unless specific customers request that their servers be locked down to TLS 1.2+. This is really still OK if you do not have PCI requirements, as even the new NIST 800-52r2 guidelines indicate that TLS 1.0+ is still “OK” for non-governmental situations where compatibility is important. The new revision 2 ciphers go a long way towards tightening up even TLS 1.0 communications.
Have questions about TLS in web an email situations? Ask Erik