[AdvancedAmazonS3] Changes coming from Amazon S3

[AdvancedAmazonS3] Changes coming from Amazon S3

Forge Component
Published on 2013-08-08 by Ricardo Pereira
24 votes
Published on 2013-08-08 by Ricardo Pereira
I recieved this message from Amazon today:  Is the Advanced AmazonS3 connector affected by this?

Dear AWS Customer,
Your security is important to us. This message explains some security improvements in our services. Please review the entire message carefully to determine whether your use of the services will be affected, and if so what you need to do.
As of 12:00 AM PDT April 30, 2015, AWS will discontinue support of SSLv3 for securing connections to S3 buckets. Security research published late last year demonstrated that SSLv3 contained weaknesses that weakened its ability to protect and secure communications.  These weaknesses have been addressed in the replacement for SSL, TLS. Since then, major browser software vendors have been disabling support for SSLv3 and their work is largely complete. Consistent with our top priority to protect AWS customers, AWS will only support versions of the more modern Transport Layer Security (TLS) rather than SSLv3.
These requests will fail once AWS disables support for SSLv3 for the Amazon S3 service. To avoid interrupted access, you must update any client software (or inform any clients to update software) making the requests that are using SSLv3 to connect to S3 HTTPS endpoints.
For further reading on SSLv3 security concerns and why it is important to disable support for this nearly 18 year old protocol, we suggest the following articles:
We are happy to discuss with you in detail the necessary changes you must perform to ensure continued secure access to your S3 content.
Thank you for your prompt attention.
The Amazon Web Services Team
Hello Allen,

What this means is that clients connecting to Amazon S3 will need to support at least TLS v1.0 in order to be able to connect.

This would only affect legacy operating systems like Windows XP, and maybe (not likely) Windows 2003.

My guess is that you're most likely safe from any impact this may have.

Best regards,
Ricardo Silva
Thank you for the reply