As a reminder, the SEC is updating the ciphers it supports in its Transport Layer Security (TLS) cryptographic protocol on Monday, January 17, 2022. The upcoming upgrade was previously announced on August 25, 2021 and October 27, 2021.
To encrypt and authenticate data, TLS relies on cipher sets (or profiles) that are updated periodically to enhance efficacy and security. While older cipher profiles support out-of-date, weak ciphers, the SEC aims to use newer, stronger cipher profiles that are compatible with all current web browsers.
The following ciphers will not be supported after January 17, 2022.
| TLS Version |
OpenSSL Cipher Name (Hex Code) |
IANA Cipher Name |
| 1.3 |
TLS-AES-128-CCM-8-SHA256 (0x13,0x05) (0x13,0x05) |
TLS_AES_128_CCM_8_SHA256 |
| 1.3 |
TLS-AES-128-CCM-SHA256 (0x13,0x04) |
TLS_AES_128_CCM_SHA256 |
| 1.2 |
ECDHE-ECDSA-AES256-SHA384 (0xC0,0x24) |
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 |
| 1.2 |
ECDHE-ECDSA-AES128-SHA256 (0xC0,0x23) |
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 |
| 1.2 |
ECDHE-RSA-AES256-SHA384 (0xC0,0x28) |
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 |
| 1.2 |
ECDHE-RSA-AES128-SHA256 (0xC0,0x27) |
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 |
| 1.2 |
ECDHE-RSA-AES256-SHA
(0xC0,0x14) |
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA |
| 1.2 |
ECDHE-RSA-AES128-SHA
(0xC0,0x13) |
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA |
Newer versions of Windows automatically support the ciphers required by the SEC. If you are using an older version of Windows (Windows 8 or 7, for example), please update your operating system as soon as is feasible or consult your IT department for other alternatives.
Questions or comments may be submitted via email to: EDGAR_Escalations@sec.gov. Questions about GoFiler can be directed to support@novaworkssoftware.com.
Sources:
Correction: EDGAR Cipher Updates Coming January 17, 2022 (sec.gov)
