Page MenuHomePhabricator

Disabling old AWB versions
Closed, ResolvedPublic


Due to T238038, the browser support going away and then Wikimedia tightening up... we should just disable old AWB versions as they don’t support newer TLS

To quote the original task:

TLS 1.2 was published ten years ago to address weaknesses in TLS 1.0 and 1.1 and has enjoyed wide adoption since then. These old versions of TLS rely on MD5 and SHA-1, both now broken, and contain other flaws. TLS 1.0 is no longer PCI-DSS compliant and the TLS working group has adopted a document to deprecate TLS 1.0 and TLS 1.1.

TLS 1.1 and 1.0 support is being removed from the major browsers on early 2020 as announced:

Event Timeline

Reedy updated the task description. (Show Details)
Reedy claimed this task.

Done. Only enabled as "stable" now