Friday, 1 December 2017

TLS 1.0 Disablement: What You Need to Know

TLS 1.0 Disablement - Paubox
Paubox ended support for the TLS 1.0 encryption protocol today.


  • Paubox now supports TLS 1.1 and 1.2 only.
  • PCI Compliance requires ending use of TLS 1.0 by 30 June 2018.
  • SSLv2, SSLv3 and TLS 1.0 are insecure protocols and are not supported.
  • The impact of the TLS 1.0 disablement will be minimal to customers and end users.

As previously announced, we ended support for the TLS 1.0 encryption protocol today.

Its more secure successor, TLS 1.1, will be the new minimum standard security protocol used by Paubox. We are doing this in order to align with industry-wide best practices for security and data integrity.

The impact of the TLS 1.0 disablement will be minimal to the end user.

What is TLS? (What is TLS 1.0?)

TLS, short for Transport Layer Security, is an encryption protocol that protects messages in transit from one server to another. The encryption protocol deploys whenever a web browser or application transmits data over a network.

All Paubox network traffic, whether it contains PHI or not, is encrypted using industry-standard transport encryption (TLS). TLS prevents emails from being read while in motion and ensures the communication is delivered to the appropriate recipient.

Currently, TLS has three versions: TLS 1.0, 1.1 and 1.2.

As an aside, there is a TLS 1.3 protocol. It’s a working draft however, with incomplete details.

Why is this happening?

At Paubox, we prioritize user experience, but not at the expense of security.

TLS 1.0 is vulnerable to a few attacks, such as the POODLE (Padding Oracle On Downgraded Legacy Encryption) and BEAST (Browser Exploit Against SSL/TLS).

RELATED: Make a Plan for the Middle Man

TLS 1.1 and 1.2, on the other hand, have no known weaknesses.

We are also acting in accordance with the PCI DSS (Payment Card Industry Data Security Standard). The PCI requires that TLS 1.0 no longer be used for secure communications, giving companies until 30 June 2018 to make the transition.

With this upgrade to TLS 1.1, you can continue sending encrypted HIPAA-compliant email with confidence that the highest security standards are in place and your sensitive information is safe.


Qualsys SSL Server Test screenshot of www.paubox.com
TLS 1.0 Disablement: What You Need to Know - Paubox

No comments:

Post a Comment