Only a small fraction of traffic currently uses TLS 1.0 and 1.1, the vast majority are already using TLS 1.2 which will continue to be supported.
From our impact analysis, those not already using TLS 1.2 split into two groups: older Exchange servers and a handful of API customers.
For Exchange servers we will be shifting to a separate hostname which will continue to support TLS 1.0 and 1.1. Older Windows servers running Exchange do not support TLS 1.2 and so we cannot retire 1.0 and 1.1 from the entirety of our stack. The notifications we receive from these servers do not contain sensitive information and so we have deemed the risk is acceptable for continued service.
For our API customers, we have identified those currently using TLS 1.0 or 1.1 and will be in touch with them shortly to ensure they are aware of this change and to assist with any migration that is needed.
Prior to the full switch over, we will remove support for TLS 1.0 and 1.1 on the mentioned hostnames for roughly 3 hours on Thursday, February 20, 2020 between 12:00 and 15:00 UTC.
Posted Jan 29, 2020 - 11:28 GMT
This scheduled maintenance affected: API and Web App.