Background to The Internet Security Changes
Over the next couple of years the security protocol used across the internet, and particularly for handling online payments, is being upgraded. Earlier protocols, SSL and TLS v1.0/1.1, are being replaced by TLS v1.2. At the same time at least one provider (PayPal) is enforcing an upgrade to the protocol used for information transfer, HTTP, to v1.1.
This document provides some technical background to the changes, as affecting Sellerdeck users.
HTTP & TLS
Hypertext Transfer Protocol (HTTP) is the language used for the transfer of information across the internet. HTTP v1.0 is the original language of the internet and is still generally supported, but was officially replaced by v1.1 as long ago as January 1997.
Transport Layer Security (TLS) and its predecessor Secure Sockets Layer (SSL) enable two applications to communicate securely, protecting both the security of the user and the integrity of the information. They are often together referred to as ‘SSL’.
The prefix ‘HTTPS’ in a site address indicates that it uses (originally) SSL or (more recently) TLS to transmit HTTP data securely.
As computing power has increased over the years and hackers have found loopholes in older security protocols, newer and tougher versions have been developed. TLS v1.0 officially replaced SSL from June 2015, and was followed by v1.1. The latest version, v1.2, is already used by many applications.
From June 2017 application providers, including all payment gateways, will begin to withdraw support for older versions of TLS. This transition will be completed in June 2018. From that point on, only TLS v1.2 will be supported and all secure sites must support it.
PayPal will be enforcing the change earlier, in June 2017. At the same time they will also withdraw support for HTTP v1.0, requiring all communication to take place using HTTP v1.1.
At the moment, no other providers have suggested they will enforce HTTP v1.1. But all providers will enforce TLS v1.2 by June 2018.
Will my site be affected?
How this affects your site will depend on which Sellerdeck version you are using, and which services.
For step by step instructions about what you need to do, see our advice document, 'The Internet Security Changes and Your Sellerdeck Site'.
To understand more about the implications for each feature and service, please read the explanations below.
If you are using an older version, you must either upgrade your Sellerdeck software or download and run the Sellerdeck PHP upgrader. For more information about these two options, see our guidance notes, 'The Internet Security Changes and Your Sellerdeck Site', and refer to the relevant section for the version of Sellerdeck Desktop that you are using.
|Thread Tools||Search this Thread|
|Display Modes||Rate This Thread|