The following is from Stripe themselves. The plugin will need some way to warn users that they need to do something:
In 2017, we’ll be deprecating some of the older security protocols (TLS 1.0, TLS 1.1, and SHA-1) used to make connections with Stripe’s APIs. I’m reaching out to give you an early heads up because your Stripe integration might be impacted.
Here are some of the key upcoming dates:
* On January 1, 2017, we’ll drop support for TLS 1.0 connections and SHA-1
certificates.
* On May 1, 2017, we’ll drop support for TLS 1.1 connections.
We’ve noticed that your Stripe integration appears to be using TLS 1.0, so you’ll want to follow the steps in this upgrade guide [1] to ensure that your Stripe integration isn’t interrupted in the next year.
To be clear, upgrading to TLS 1.2 will generally not involve any changes to your code, but may require that you update your operating systems, system packages, or language runtime libraries. (The exact methodology depends on your technology stack.)
While you’ll be required to make these changes to ensure that your Stripe integration isn’t interrupted, I’d like to stress that TLS 1.0, TLS 1.1, and SHA-1 are widely considered to be dangerously weak and upgrading as early as possible is an important part of keeping your business secure.
