Change Details

Due to T238038

Due to T238038, the browser support going away and then Wikimedia tightening up... we should just disable old AWB versions To quote the original task: TLS 1.2 was published ten years ago to address weaknesses in TLS 1.0 and 1.1 and has enjoyed wide adoption since then. These old versions of TLS rely on MD5 and SHA-1, both now broken, and contain other flaws. [[ https://blog.pcisecuritystandards.org/are-you-ready-for-30-june-2018-sayin-goodbye-to-ssl-early-tls | TLS 1.0 is no longer PCI-DSS compliant ]] and the TLS working group has adopted a [[ https://tools.ietf.org/html/draft-ietf-tls-oldversions-deprecate-00 | document ]] to deprecate TLS 1.0 and TLS 1.1. TLS 1.1 and 1.0 support is being removed from the major browsers on early 2020 as announced: * [[ https://blog.mozilla.org/security/2018/10/15/removing-old-versions-of-tls/ | Mozilla ]] * [[ https://security.googleblog.com/2018/10/modernizing-transport-security.html | Google ]] * [[ https://webkit.org/blog/8462/deprecation-of-legacy-tls-1-0-and-1-1-versions/ | Apple ]] * [[ https://blogs.windows.com/msedgedev/2018/10/15/modernizing-tls-edge-ie11/ | Microsoft ]]

Due to T238038, the browser support going away and then Wikimedia tightening up... we should just disable old AWB versions To quote the original task: TLS 1.2 was published ten years ago to address weaknesses in TLS 1.0 and 1.1 and has enjoyed wide adoption since then. These old versions of TLS rely on MD5 and SHA-1, both now broken, and contain other flaws. [[ https://blog.pcisecuritystandards.org/are-you-ready-for-30-june-2018-sayin-goodbye-to-ssl-early-tls | TLS 1.0 is no longer PCI-DSS compliant ]] and the TLS working group has adopted a [[ https://tools.ietf.org/html/draft-ietf-tls-oldversions-deprecate-00 | document ]] to deprecate TLS 1.0 and TLS 1.1. TLS 1.1 and 1.0 support is being removed from the major browsers on early 2020 as announced: * [[ https://blog.mozilla.org/security/2018/10/15/removing-old-versions-of-tls/ | Mozilla ]] * [[ https://security.googleblog.com/2018/10/modernizing-transport-security.html | Google ]] * [[ https://webkit.org/blog/8462/deprecation-of-legacy-tls-1-0-and-1-1-versions/ | Apple ]] * [[ https://blogs.windows.com/msedgedev/2018/10/15/modernizing-tls-edge-ie11/ | Microsoft ]]