- We do not accept any insecure HTTP communication nor inbound nor outbound
- We do not accept cryptographic protocols already known as vulnerables or known as using weak ciphers. Specifically, all versions of SSL (Secure Sockets Layer) and TLS (Transport Layer Security) versions 1.0, 1.1.
- We do not accept weak ciphers on TLS version 1.2. To be more specifically we only accept the following ciphers:
We plan to decommission TLS 1.2 and only accept connections using TLS version 1.3, but unfortunately we couldn’t take yet the step to only accept TLS version 1.3 (or above) due to some legacy present in some of our customers and even on a few cloud services that we use, sorry for that.