Deprecation of outdated crypto support (was: Fwd: [arin-announce] Changes Coming to Cryptographic Features Across ARIN Services)
NANOGers - Note the planned depreciation of outdated cryptographic support for ARIN services in February 2025, as per the attached announcement. While this may seem to be quite some time away, please take a moment to note the upcoming change with your IT/devops folks just in case. Thanks! /John John Curran President and CEO American Registry for Internet Numbers Begin forwarded message: From: ARIN <info@arin.net> Subject: [arin-announce] Changes Coming to Cryptographic Features Across ARIN Services Date: August 1, 2024 at 2:37:57 PM AST To: "arin-announce@arin.net" <arin-announce@arin.net> As of 3 February 2025, ARIN Will Only Support TLS 1.2 and TLS 1.3 Cryptographic Features Across All ARIN Services. Historically, ARIN has allowed the use of a wide range of Secure Socket Layer (SSL) and Transport Layer Security (TLS) algorithms to enable secure, encrypted communication between our customers and services. Currently, ARIN supports TLS 1.2 and TLS 1.3 as well as a subset of the stronger algorithms within TLS 1.0, TLS 1.1, and SSLv3 specifications for publicly available services such as ARIN.net<http://arin.net/> mail, Whois Restful Web Service (Whois-RWS), Registry Data Access Protocol (RDAP), ftp://ftp.arin.net<ftp://ftp.arin.net/>, and Resource Public Key Infrastructure Repository Data Protocol (RRDP). The remainder of ARIN services, including the ARIN website and Registration RESTful Web Service (Reg-RWS), only support TLS 1.2 and TLS 1.3. ARIN will deprecate the outdated versions of SSL and TLS on 3 February 2025 and begin only using TLS 1.2 and TLS 1.3 protocols across all our services. We are providing six months’ notice of this change to allow customers to ensure that all applicable software supports TLS 1.2 and TLS 1.3 protocols to avoid losing connectivity to ARIN services. In the future, ARIN may more regularly update cipher suite and algorithm support within our published supported protocols to align with requirements from internal and external audits, security certifications, and community feedback. Regards, American Registry for Internet Numbers (ARIN) _______________________________________________ ARIN-Announce
participants (1)
-
John Curran