As of 20th December 2021, the Transport Layer Security (TLS) 1.0 and 1.1 protocols are being deprecated for the Emarsys services.
This deprecation will mainly affect outdated applications (i.e. backend applications connecting to the Emarsys APIs).
What do you need to do?
Although these old versions (TLS 1.0 and TLS 1.1) are rarely used by clients, older versions of development tools still use it.
In order to prevent any communication issues, we strongly advise that:
- Review and update any application that doesn’t support TLS 1.2 or newer in order to continue to use the Emarsys APIs.
- Always use HTTPS to communicate with the Emarsys API.
- Ensure you connect to the API using secure cipher suites.
Supported ciphers
For your reference, the following ciphers are supported:
- TLS_CHACHA20_POLY1305_SHA256
- TLS_AES_256_GCM_SHA384
- TLS_AES_128_GCM_SHA256
- TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
- TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
- TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
- TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
- TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
- TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
- TLS_RSA_WITH_AES_256_GCM_SHA384
- TLS_RSA_WITH_AES_128_GCM_SHA256
Older protocols are a security risk
Microsoft, Apple and Google announced long ago the end of support for TLS 1.0 and TLS 1.1.
All modern browsers and applications support TLS 1.2 and so does the vast majority of services, servers and applications.
The usage of TLS 1.0 and 1.1 acts as a security risk and although these old protocols are still supported by some servers, their usage is mainly by outdated non-browser software.
These old versions have cryptographic and implementation vulnerabilities and to provide all cryptographic services and protect your data, your customers’ data and our systems we can’t postpone this update.
What does this mean for the average browser user?
This change will be invisible. Most websites already support TLS 1.2 and any modern browser (any browser version released in the last five years) supports TLS 1.2.