back to article Wait. What? The IBM cloud's APIs use insecure TLS1 crypto?

An email has gone out from IBM about its Bluemix cloud: after next Tuesday, the SoftLayer APIs will no longer accept connections encrypted with the ancient TLS 1.0. It's not quite a surprise that the 1990s-era protocol was still accepted: a great many services are still midway through their deprecation plans. To give just one …

RegGuy1

Is news thin on the ground?

In the Bluemix e-mail, IBM notes: “There should be no impact to customers using a modern web client. This notification is intended to be informative only.

Hmm, sounds like a non-story.

fnusnu

It's a very helpful story when you are trying to convince manglement that they need to support your efforts to remove TLS1.0

TheVogon
Silver badge

If you disable TLS 1.0 on the server side that will break some older clients - for instance Android 4.4 or earlier, IE 7 on Vista, IE8-10 on Win 7, IE10 on WinPhone 8, Java 6u45 and 7u25 or earlier, and Safari 5.1.9 and 6.0.4...

Sandtitz
Silver badge

Equally disabling SSL3 breaks even older clients. At some point you just have to let them go.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2018