Hi,
I spoke directly to AWS technical support and I want to share what I’ve learned.
In a nutshell, if your customers are accessing your S3 data via a modern web browser, everything is ok and no changes required on your end ??
== Response from AWS: ==
AWS will be removing the ability for S3 clients to negotiate SSLv3 connections to the global S3 endpoints (not the buckets).
Going forward, for secure connections S3 clients will be required to support TLS 1.0 and above, TLS has been the standard for many years now.
There are no changes required to be made by you with respect to the bucket, bucket properties or URLs accessing the buckets.
This change will not impact most current, up-to-date web browsers and applications as all modern web browsers, SDK’s and API’s now support TLS 1.x.
If you received an email from us listing effected buckets, then those buckets were accessed by at least 1 client at least 1 time using SSLv3 as the communication protocol with in the last month.
