Security Improvements for Whois-RWS, RDAP, and www.arin.net
Posted: Wednesday, 02 December 2020
Service Update
Earlier this year, ARIN implemented security enhancements that included ending support for TLS 1.0 for Whois-RWS and RDAP services and improving ciphers used in www.arin.net. As part of our continuing effort to improve security, on or around 19 February 2021, we will end support for TLS 1.1 and weak Diffie-Hellman (DH) key exchange parameters on www.arin.net, Whois-RWS, and RDAP. We will also update the ciphers available on Whois-RWS and RDAP to match those on www and reg.arin.net. The removal of TLS 1.1 may impact the way you interface programmatically with ARIN to query and retrieve information from Whois-RWS and RDAP.
Changes in our supported versions of TLS are due to well-known security issues with this protocol. More information is available at https://datatracker.ietf.org/doc/draft-ietf-tls-oldversions-deprecate/. ARIN continues to support TLS 1.2. The cipher update satisfies ACSP Suggestion 2015.15: Improvements to SSL Security for whois.arin.net.
We are providing you advance notice of these changes, as you may need to make configuration or code changes on your clients that interface with Whois-RWS and RDAP services. We encourage you to make these changes so you will have no operational impact when we disable the vulnerable transport protocol version.
Regards,
Mark Kosters
Chief Technology Officer
American Registry for Internet Numbers (ARIN)
Recent Announcements
- Reminder--Upcoming Security Improvements and Change to RDAP Bootstrap URL
- Now Accepting Applications to ARIN's Virtual Fellowship Program for ARIN 47
- Volunteer to Serve on the 2021 ARIN Fellowship Selection Committee
- ARIN 47 to be Held Virtually This April
- Reminder--Upcoming Security Improvements for Whois-RWS, RDAP, and www.arin.net
- 2020/21 ICANN Board Seat 9 Elections: Comment Phase Opens
- ARIN RDAP Bootstrap Server Change of Address
- Enhancements To Organization Create/Organization Recovery
- NRPM 2020.3 - New Policy Implemented
- Security Improvements for Whois-RWS, RDAP, and www.arin.net
- » View Archive