Deprecation of outdated crypto support (was: Fwd: [arin-announce] Changes Coming to Cryptographic Features Across ARIN Services)

Thu, 01 Aug 2024 11:56:30 -0700 

NANOGers -

Note the planned depreciation of outdated cryptographic support for ARIN 
services in February 2025, as per the attached announcement.

While this may seem to be quite some time away, please take a moment to note 
the upcoming change with your IT/devops folks just in case.

Thanks!
/John

John Curran
President and CEO
American Registry for Internet Numbers

Begin forwarded message:

From: ARIN <i...@arin.net>
Subject: [arin-announce] Changes Coming to Cryptographic Features Across ARIN 
Services
Date: August 1, 2024 at 2:37:57 PM AST
To: "arin-annou...@arin.net" <arin-annou...@arin.net>

As of 3 February 2025, ARIN Will Only Support TLS 1.2 and TLS 1.3 Cryptographic 
Features Across All ARIN Services.

Historically, ARIN has allowed the use of a wide range of Secure Socket Layer 
(SSL) and Transport Layer Security (TLS) algorithms to enable secure, encrypted 
communication between our customers and services. Currently, ARIN supports TLS 
1.2 and TLS 1.3 as well as a subset of the stronger algorithms within TLS 1.0, 
TLS 1.1, and SSLv3 specifications for publicly available services such as 
ARIN.net<http://arin.net/> mail, Whois Restful Web Service (Whois-RWS), 
Registry Data Access Protocol (RDAP), ftp://ftp.arin.net<ftp://ftp.arin.net/>, 
and Resource Public Key Infrastructure Repository Data Protocol (RRDP). The 
remainder of ARIN services, including the ARIN website and Registration RESTful 
Web Service (Reg-RWS), only support TLS 1.2 and TLS 1.3.

ARIN will deprecate the outdated versions of SSL and TLS on 3 February 2025 and 
begin only using TLS 1.2 and TLS 1.3 protocols across all our services. We are 
providing six months’ notice of this change to allow customers to ensure that 
all applicable software supports TLS 1.2 and TLS 1.3 protocols to avoid losing 
connectivity to ARIN services. 

In the future, ARIN may more regularly update cipher suite and algorithm 
support within our published supported protocols to align with requirements 
from internal and external audits, security certifications, and community 
feedback.

Regards,

American Registry for Internet Numbers (ARIN)

_______________________________________________
ARIN-Announce

Reply via email to