[arin-tech-discuss] TLS Updates to ARIN's websites

[Matt Rowley]

Howdy folks,

Two days ago, ARIN updated the list of TLS versions and ciphers
supported on our website (www.arin.net) as well as on our RESTful
endpoints.  TLSv1.0 was disabled during this process, however this
inadvertently impacted customers using that older method.  In order to
facilitate a more gradual transition to more secure protocols, we've
re-enabled TLSv1.0 for applications using reg.arin.net as an endpoint
for RESTful calls.  Any customers using www.arin.net/rest will need to
either point to reg.arin.net or utilize a modern and secure protocol.
We still plan the eventual retirement of TLSv1.0, but we will send an
announcement to the community at least 120 days prior to removal.  In
the meantime, we strongly urge customers to update their software to a
newer protocol.

Our apologies for any inconvenience that Wednesday's maintenance may
have caused.  Please feel free to reach out with any questions or
concerns you may have.

thanks,
Matt Rowley