New security requirements for UC ANR websites

Jun 3, 2016

UC ANR encrypted websites will no longer accept connections from browsers lacking modern security features. In line with accepted industry practices and to maintain compatibility with our credit card processing system, browsers unable to use TLS 1.1 or 1.2 cryptographic protocols are not supported for secure connections to ucanr.edu.

Users with incompatible browsers will need to update their software. Recommended are Firefox, Chrome or any other browser that supports modern standards. All compatible browsers enable TLS 1.1/1.2 automatically; they require no special installation instructions. The increased security of ANR websites should impact only a very small number of users with out of date technology, but please contact us if you experience any difficulties.

For more information, please visit:
https://en.wikipedia.org/wiki/HTTPS
https://en.wikipedia.org/wiki/Transport_Layer_Security
http://crypto.stackexchange.com/questions/10493/why-is-tls-susceptible-to-protocol-downgrade-attacks

TLS fail


By Bruce Lidl
Author - IT Communications Specialist