DNS Belgium will stop supporting TLS 1.0 and 1.1 on EPP

metaregistrar / php-epp-client

Object-oriented PHP EPP Client

https://www.metaregistrar.com/docs/

MIT License

214 stars 159 forks source link

DNS Belgium will stop supporting TLS 1.0 and 1.1 on EPP #161

Closed wouterca closed 5 years ago

wouterca commented 6 years ago

Hello,

DNS Belgium would stop supporting TLS 1.0 and 1.1 on EPP at the end of November. Will this be a concern? Unless I'm mistaken, the current connection uses SSLv3 in php-epp-client at the moment.

Thanks in advance,

Wouter

metaregistrar commented 6 years ago

Hello Wouter,

The php-epp-client does not specify an encryption method upon connection, but relies on the standard negotiation of the openssl libraries.

we have not encountered any problems connecting to DNS Belgium test services so far, but i do not know if the test services have already dropped tls-1.0 and tls-1.1

wouterca commented 6 years ago

They will apparently drop it on the test server one week before they implement it on the production server.
So as long as we have at least openssl 1.0.1 (when TLS 1.2 was added), we should be ok.