back to article Wait. What? The IBM cloud's APIs use insecure TLS1 crypto?

An email has gone out from IBM about its Bluemix cloud: after next Tuesday, the SoftLayer APIs will no longer accept connections encrypted with the ancient TLS 1.0. It's not quite a surprise that the 1990s-era protocol was still accepted: a great many services are still midway through their deprecation plans. To give just one …

Is news thin on the ground?

In the Bluemix e-mail, IBM notes: “There should be no impact to customers using a modern web client. This notification is intended to be informative only.

Hmm, sounds like a non-story.

1
2

It's a very helpful story when you are trying to convince manglement that they need to support your efforts to remove TLS1.0

11
0
Silver badge

If you disable TLS 1.0 on the server side that will break some older clients - for instance Android 4.4 or earlier, IE 7 on Vista, IE8-10 on Win 7, IE10 on WinPhone 8, Java 6u45 and 7u25 or earlier, and Safari 5.1.9 and 6.0.4...

3
0
Silver badge

Equally disabling SSL3 breaks even older clients. At some point you just have to let them go.

0
0

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Forums

Biting the hand that feeds IT © 1998–2018