Reminder - ARIN Will Only Support TLS 1.2 and TLS 1.3 Cryptographic Features Across All ARIN Services As of 3 February 2025

Posted: Friday, 01 November 2024

On 3 February 2025, ARIN will deprecate the outdated versions of Secure Socket Layer (SSL) and Transport Layer Security (TLS) and will begin only using TLS 1.2 and TLS 1.3 protocols across all our services. This is the 90-day notice of this change, intended to allow customers to ensure that all applicable software supports TLS 1.2 and TLS 1.3 protocols to avoid losing connectivity to ARIN services.

Historically, ARIN has allowed the use of a wide range of SSL and TLS algorithms to enable secure, encrypted communication between our customers and services. Currently, ARIN supports TLS 1.2 and TLS 1.3 as well as a subset of the stronger algorithms within TLS 1.0, TLS 1.1, and SSLv3 specifications for publicly available services such as ARIN.net mail, Whois-RESTful Web Service (Whois-RWS), Registration Data Access Protocol (RDAP), ftp.arin.net, and Resource Public Key Infrastructure Repository Delta Protocol (RRDP). The remainder of ARIN services, including the ARIN website and Registration RESTful Web Service (Reg-RWS), only support TLS 1.2 and TLS 1.3. 

In the future, ARIN may more regularly update cipher suite and algorithm support within our published supported protocols to align with requirements from internal and external audits, security certifications, and community feedback. 

Regards,

American Registry for Internet Numbers (ARIN)