Security Enhancements for Springer Nature Platforms including SpringerLink

As of May 31, 2018 we removed support for any version of Transport Layer Protocol lower than 1.2 and this is not reversible.  It might be possible that users within your organization may be negatively impacted if you are using unsupported browsers or unsupported services, such as EZProxy.


What is Transport Layer Security protocol?

In short it is an important piece of security enabling privacy and protection for data transmitted between client / server applications.  TLS version 1.0 was introduced in 1999 and it is no longer as secure as later versions, namely v1.2 released in 2008.  Springer Nature dropped support for TLS below v1.2 on 31 May 2018. All clients able to speak TLS v1.2 will be considered safe and thus allowed to communicate with our servers.  We’ve provided some links at the end of this communication for you to learn more about this protocol.


What does removing this support mean for you and your users?  

For most users there will be no noticeable change except improved security.  TLS v1.2 has been supported by all major browsers since 2016 and is activated by default in the settings. Mobile browsers running on older smart devices and end-of-life machines are the most likely to be affected. 


What do you need to do to ensure you can continue to access Springer Nature websites on 1 March 2018 and beyond?  

It depends on your browser.  There are ways to check for Chrome, Firefox, Safari, Internet Explorer, Opera, Edge, and others.  However as a rough guide, browsers or technologies of the following specification or lower will no longer work on Springer Nature sites:


  • Android 4.3

  • Baidu Jan 2015

  • IE7 / Vista

  • IE8 / XP

  • IE 8-10 / Win 7

  • IE 10 / Win phone 8.0

  • Java 6u45

  • Java 7u25

  • OpenSSL 0.9.8y

  • Safari 5.1.9 / OS X 10.6.8

  • Safari 6.0.4 / OS X 10.8.4    


What about proxy or proxy services?  

If you use a proxy service you will need to check with your proxy provider or IT staff to make sure your proxy uses TLS v1.2 when communicating with our websites.  We understand many of our customers use EZproxy and we worked closely with OCLC during the transition to ensure compatibility.  Be sure to check their stanza listing for the most up to date information.


OCLC advised us that the only version of EZproxy that they still support that is not compliant with TLS v1.2 is version 6.0.8.  If you are running EZproxy locally that is older than version 6.1.16 it may not work to proxy on TLS v1.2.  Please contact OCLC for further information if either of these scenarios apply to you.


If you have any concerns please refer to our help pages or submit a query to our support team.  


Additional Resources:

SpringerLink Stanza (OCLC)

Security Support (OCLC)


SpringerLink

Configuring a Proxy to work with SpringerLink


General Information about TLS

https://en.wikipedia.org/wiki/Transport_Layer_Security

https://www.techopedia.com/definition/4143/transport-layer-security-tls

https://www.w3.org/2001/tag/doc/web-https


Did you find it helpful? Yes No

Send feedback
Sorry we couldn't be helpful. Help us improve this article with your feedback.