Starting May 10, 2016, the TLS 1.0 encryption protocol will be disabled on all Aleyant webservers, including Pressero v5, Pressero v6 and eDocbuilder. Disabling TLS 1.0 this way guards against certain weaknesses in this older encryption protocol.
TLS, as well as the related but even older protocol SSL, are protocols used to safeguard a web connection between a browser and a web server, using encryption and identity verification. Pressero and eDocBuilder both use TLS as a key security component, ensuring nobody can eavesdrop on what is being sent from browser to server or back. This is an essential feature for safe credit card processing, and is required by the PCI standard.
Why is this happening?
The TLS version 1.0 protocol was introduced in January 1999 and is showing its age. Several attacks have been identified that weaken this protocol to the point where it is no longer entirely safe. It has been superceded by versions 1.1 and 1.2 of the TLS protocol.
What do I need to do to?
If you are using one of the modern browsers, listed below, you do not need to do anything at all. Your use of Pressero can continue uninterrupted and you will not notice any differences.
- Microsoft Internet Explorer 11
- Microsoft Edge
- Mozilla Firefox 27 or higher (desktop or mobile)
- Google Chrome 22 or higher (desktop or mobile)
- Google Android OS Browser on Android 5.0 or higher
- Apple Safari 7 and higher
- Mobile Safari 5 and higher
If you are using an older browser, you will probably need to switch to a newer one to continue to use Pressero. In fact, however, the entire Internet is moving away from TLS 1.0 so you will need to make this change anyway.