2021-09-30 Enforcing the HTTPS protocol and high security cipher suites

In order to provide a higher level of security in data transfers with our Cantook Hub platforms, we are implementing two technical changes.

• The first change is the end of support for the HTTP protocol, thus enforcing the HTTPS protocol for all data transmissions. HTTPS is the secure version of the HTTP protocol, where all data exchanged between the client and the server is encrypted.
• The second change is the removal of low security cipher suites from the list of supported cipher suites; only higher security suites will be available.

Both changes will be rolled out to all Cantook Hub platforms on November 15, 2021.

Enforcing HTTP Strict Transport Security (HSTS)

All interactions with Cantook Hub platforms will require a secure connection (HTTPS). The platform will automatically forward all non-secure HTTP requests as HTTPS requests.

End of support for low security encryption suites

To ensure the highest security standards, only the following cipher suites will be supported by Cantook Hub platforms: 

• ECDHE-ECDSA-AES128-GCM-SHA256
• ECDHE-RSA-AES128-GCM-SHA256
• ECDHE-ECDSA-AES256-GCM-SHA384
• ECDHE-RSA-AES256-GCM-SHA384
• ECDHE-ECDSA-CHACHA20-POLY1305
• ECDHE-RSA-CHACHA20-POLY1305
• DHE-RSA-AES128-GCM-SHA256
• DHE-RSA-AES256-GCM-SHA384

What do I need to do?

If you are interacting with Cantook Hub using a web browser, you don't need to do anything. The two changes described above are natively supported by all recent browsers. 

If you have systems that interact with Cantook Hub via API, please make sure that your integrators use a HTTP client that supports both changes as described above.

Please note that the HTTPS connections and high security cipher suites listed above are already supported by Cantook Hub platforms. You can currently use them both in your production environment and for testing. The change that will take effect on November 15, 2021 is the end of support for both low security cipher suites and for HTTP, thus the implementation of our HSTS policy.

A one day testing period on November 2, 2021

In order for you to conduct system tests, we will deploy the above changes to production for a 24-hour test period on November 2, 2021. You'll then have until November 5, 2021 to provide us with your feedback regarding this test day.

Any questions?

Please feel free to contact our technical support team at help@demarque.com with any questions regarding this announcement.