Sign in / up

back to article Wait. What? The IBM cloud's APIs use insecure TLS1 crypto?

An email has gone out from IBM about its Bluemix cloud: after next Tuesday, the SoftLayer APIs will no longer accept connections encrypted with the ancient TLS 1.0. It's not quite a surprise that the 1990s-era protocol was still accepted: a great many services are still midway through their deprecation plans. To give just one …

COMMENTS

Post your comment
House rules Send corrections
Add to 'My topics' unstar *
  1. RegGuy1 Silver badge

    Is news thin on the ground?

    In the Bluemix e-mail, IBM notes: “There should be no impact to customers using a modern web client. This notification is intended to be informative only.

    Hmm, sounds like a non-story.

    1 2 Reply
  2. fnusnu

    It's a very helpful story when you are trying to convince manglement that they need to support your efforts to remove TLS1.0

    11 0 Reply
    1. TheVogon
      Reply Icon

      If you disable TLS 1.0 on the server side that will break some older clients - for instance Android 4.4 or earlier, IE 7 on Vista, IE8-10 on Win 7, IE10 on WinPhone 8, Java 6u45 and 7u25 or earlier, and Safari 5.1.9 and 6.0.4...

      3 0 Reply
      1. Sandtitz Silver badge
        Reply Icon

        Equally disabling SSL3 breaks even older clients. At some point you just have to let them go.

        0 0 Reply

POST COMMENT House rules

Not a member of The Register? Create a new account here.

Forgotten password ?

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like