1. Schedule
Sequentially from September 6 2016 (Tue.)
2. Affected client software
[Browser]
Old browsers like Internet Explorer 6 (depending on browser setting)
[Email software]
Some old email software
3. Problems you might encounter
[Browser]
You might be unable to browse web pages which start from https://, like Users' Information Change pages, Online registration for SpinNet pages, and etc..
[Email software]
Some email software might be unable to send and receive email with POP/SMTP over SSL if you configure it in software.
4. Solution
[Browser]
1) Internet Explorer 6 or earlier version user
The followings is about disabling SSL 3.0 and enabling TLS.
(1) Click Tools>Internet Options on menu bar.
(2) Click Advanced tab.
(3) Uncheck "Use SSL2.0" and "Use SSL3.0", then check "Use TLS1.0",
"Use TLS1.1" and "Use TLS1.2" in the Security section.
(4) Re-launch the browser in order to confirm that the target page can be opened.
2) Other browsers user
Please confirm how to configure it to the software provider.
[Email software]
You have to prepare email software supporting TLS connection if you wish encrypted connection.
Click here for more details.
5. About SSL 3.0 vulnerability
IPA independent administrative agency, Information-technology Promotion Agency
[Reference] About SSL 3.0 vulnerability (Japanese page only)
http://www.ipa.go.jp/security/announce/20141017-ssl.html
|