For some time, there have been three versions of the TLS (Transport Layer Security) protocol in use: TLS 1.0, 1.1, and 1.2. The PCI (Payment Card Industry) Council advised its date for when TLS 1.0 would be considered obsolete and a PCI violation on December 15th, 2015. They since extended this deadline to June 30, 2018. The PCI Council suggests organizations migrate from TLS1.0 to TLS 1.1 or higher before June 30.
Document Locator 7.2 SP3 complies with PCI mandates and supports TLS 1.1 and 1.2 natively.
It’s worth noting that older versions of Document Locator do not support the turning off of TLS 1.0. So, as TLS 1.0 is deactivated, a Document Locator upgrade may be needed. However, ColumbiaSoft customers get free Document Locator software upgrades while on subscription or maintenance.
Why TLS is important
TLS 1.0 was first defined in January 1999 as an upgrade of SSL Version 3.0. It is known to be vulnerable to attacks and supports only weak cryptography which doesn’t keep connections secure.
According to NIST (National Institute of Standards & Technology), there are no fixes or patches that can adequately repair early versions of TLS. Therefore, it’s important that organizations upgrade to a secure alternative as soon as possible. Further reading on the subject can be found at PCI Council’s blog: https://blog.pcisecuritystandards.org/migrating-from-ssl-and-early-tls
TLS enables cryptographic protocols that provide communications security over a network. Secure communications between servers and web browsers ensures privacy and data integrity between applications. There are different versions of the protocol used widely in applications for secure web browsing, email, messaging, and voice over IP (VoIP).