PCI Compliance - TLSv1.0 Encryption Deprecation and Removal
What: TLSv1.0 deprecation for Email protocols
When: ON HOLD:
Window: 6pm to 8pm
The PCI Council released version 3.1 of their Data Security Standard (DSS). While most of the changes in this minor release are clarifications, there is at least one significant update involving secure communication protocols. The Council has decided that SSL and TLS 1.0 can no longer be used after June 30, 2016.
PCI Compliance Scans have now begun failing ecommerce sites that have any services using the TLSv1.0 protocol... PCI has deprecated the following protocol suites:
SSLv2 (2009)
SSLv3 (2015)
and now
TLSv1.0 (2016)
leaving: TLSv1.1 and TLSv1.2 as recommended modern encryption protocols...
In light of this, the PCI industry is forcing our hand to disable and remove the TLSv1.0 protocol, even if it has become a catch-22 with email clients (e.g. Apple Mail)...
There are a number of email clients that are affected and we are working on a custom workaround solution written from scratch... I have tagged this as 'Tentative' in light of the custom solution not being done yet... We will be working as hard as possible to get this done in a timely manner in an effort to satisfy both ecommerce sites and clients that use email clients that are not compatible with >=TLSv1.1.
__________________
The FutureQuest Team