FTP Today has updated all its HTTPS settings to limit the choice of SSL ciphers available to various web browsers for SSL/TLS handshaking. The most significant change is the requirement of TLS 1.2 and the elimination of support for TLS 1.0 and TLS 1.1.
According to NIST, there are no fixes or patches that can adequately repair SSL or early TLS. Therefore, it is critically important that organizations upgrade to a secure alternative as soon as possible, and disable any fallback to both SSL and early TLS.
This change, effective June 11, 2018 at FTP Today, is critical to compliance not only with government related regulations such as ITAR, but also regulations such as HIPAA and PCS-DSS.
FTP Today has always been at the forefront of maintaining SSL security at the highest possible strength. At the same time, our Web App needs to be support as many different web browsers and versions as possible – as long as that doesn't compromise SSL security. All browsers are different, so there is always a careful balance between maintaining browser compatibility and strengthening SSL security. The trick is making sure that every browser (and version) like IE, Chrome, Firefox, Safari, Android and such, can choose the best and strongest cipher when connecting to the HTTPS server.
Most recent browser and operating system combinations already support TLS 1.2, therefore the vast majority of end users will not be affected. The most known combination that will be affected by this change is Internet Explorer 10 on Windows 7. Windows 7 users should upgrade their Internet Explorer web browser to version 11 or should use another browser such as Firefox or Chrome on their Windows 7 machine.