Announcement
SEC.gov Cipher Updates
Aug. 25, 2021
August 26, 2021
Filers who use third-party custom software solutions to connect to EDGAR should be aware that the SEC will update the ciphers it supports in its Transport Layer Security (TLS) cryptographic protocol on November 30, 2021.
TLS relies on cipher sets to encrypt and authenticate data. These cipher sets, or profiles, are updated from time to time to improve efficiency and security. Older cipher profiles support out-of-date weak ciphers. We strive to use newer stronger cipher profiles which are compatible with all up-to-date web browsers.
A table of the SEC’s currently supported ciphers is below. Ciphers in red italics will not be supported after November 30, 2021.
If you have any questions, please email EDGAR_Escalations@sec.gov.Thank you.
|
TLS Version |
OpenSSL Cipher Name (Hex Code) |
IANA Cipher Name |
|---|---|---|
|
1.3 |
TLS-AES-256-GCM-SHA384 (0x13,0x02) |
TLS_AES_256_GCM_SHA384 |
|
1.3 |
TLS-CHACHA20-POLY1305-SHA256 (0x13,0x03) |
TLS_CHACHA20_POLY1305_SHA256 |
|
1.3 |
TLS-AES-128-GCM-SHA256 (0x13,0x01) |
TLS_AES_128_GCM_SHA256 |
|
1.3 |
TLS-AES-128-CCM-8-SHA256 (0x13,0x05) (0x13,0x05) |
TLS_AES_128_CCM_8_SHA256 |
|
1.3 |
TLS-AES-128-CCM-SHA256 (0x13,0x04) |
TLS_AES_128_CCM_SHA256 |
|
1.2 |
ECDHE-ECDSA-AES256-GCM-SHA384 (0xC0,0x2C) |
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 |
|
1.2 |
ECDHE-ECDSA-AES128-GCM-SHA256 (0xC0,0x2B) |
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 |
|
1.2 |
ECDHE-RSA-AES256-GCM-SHA384 (0xC0,0x30) |
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 |
|
1.2 |
ECDHE-RSA-AES128-GCM-SHA256 (0xC0,0x2F) |
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 |
|
1.2 |
ECDHE-ECDSA-CHACHA20-POLY1305 (0xCC,0xA9) |
TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 |
|
1.2 |
ECDHE-RSA-CHACHA20-POLY1305 (0xCC,0xA8) |
TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 |
|
1.2 |
ECDHE-ECDSA-AES256-SHA384 (0xC0,0x24) |
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 |
|
1.2 |
ECDHE-ECDSA-AES128-SHA256 (0xC0,0x23) |
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 |
|
1.2 |
ECDHE-RSA-AES256-SHA384 (0xC0,0x28) |
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 |
|
1.2 |
ECDHE-RSA-AES128-SHA256 (0xC0,0x27) |
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 |
|
1.2 |
ECDHE-RSA-AES256-SHA (0xC0,0x14) |
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA |
|
1.2 |
ECDHE-RSA-AES128-SHA (0xC0,0x13) |
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA |