You are here: Home > Publications > RIPE Labs > Robert Kisteleki > Stopping Support for Internet Explorer 8 on Windows XP in RIPE Atlas and RIPEstat

Stopping Support for Internet Explorer 8 on Windows XP in RIPE Atlas and RIPEstat

Robert Kisteleki — 24 Feb 2015
Microsoft ended support for Windows XP as of April 2014. We're about to change RIPE Atlas and RIPEstat to stop support for Internet Explorer 8 running on these systems.

 

[UPDATE: these changes have been rolled out between 11-13 March, on both RIPEstat and RIPE Atlas.]

Windows XP has been officially unsupported for almost a year now, which in general means there are no more security patches available, and users of this OS are facing more risk using it every day.

According to our internal statistics, only a small amount of users are accessing RIPE Atlas and RIPEstat using this browser (0.3% and 0.7%, respectively, and decreasing over time). We therefore plan to make configuration changes to these services to stop supporting Windows XP / Internet Explorer 8. This change will let us make changes to the secure communications (HTTPS) configuration in these services, by removing some less secure ciphers.

Please note that while these sites were still accessible with this browser, compatibility was already not guaranteed (as explained here ). This change will make these two sites inaccessible from this browser.

We're also thinking about the need for continued support for Internet Explorer 7 and 8 on Windows Vista and 7. No longer supporting these browsers would allow us to switch to more modern visualisation libraries. However, at the moment their usage is 2.1% and 1.1% (for RIPEstat and RIPE Atlas, respectively), so we don't think the time has come for this just yet. We plan to re-evaluate this issue during summer this year.

2 Comments

Mat says:
08 Apr, 2015 02:52 AM
According to ssllabs you are still supporting 3DES on Windows XP with IE8:
https://www.ssllabs.com/[…]/analyze.html?d=stat.ripe.net

So has the proposed change actually been rolled out?

On another note, why are yourself still using a certificate which is signed with SHA1?
Robert Kisteleki says:
08 Apr, 2015 10:49 AM
Yes, that was a regression that we fixed now. About the SHA-1: we'll likely upgrade when our certificate changes (and/or when the CA supports SHA-2 :-)
Add comment

You can add a comment by filling out the form below. Comments are moderated so they won't appear immediately. If you have a RIPE NCC Access account, we would like you to log in.