Summary of Upcoming Changes with User Impacts

(Revised May 18, 2021)
 

AFFECTED USERS CHANGE DESCRIPTION

Effective Date: September 18, 2021 | Enhance Security: Disable Weak Ciphers in Production Environment

Grantor S2S, Applicant S2S

On September 18, 2021, Grants.gov will enhance security for our System-to-System (S2S) interface in the Production environment.

The following weak ciphers will be disabled:

  • TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
  • TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
  • TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
  • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384

Grants.gov will continue to enable the following ciphers in Production and Training:

  • TLS_ECDHE_RSA_AES256_GCM_SHA384
  • TLS_DHE_RSA_AES256_GCM_SHA384
  • TLS_ECDHE_RSA_AES128_GCM_SHA256
  • TLS_DHE_RSA_AES128_GCM_SHA256

Grants.gov made this security enhancement in the Training environment on May 19, 2021 in order to give S2S users an opportunity to test and update their systems in preparation for the update in the Production environment.

Impact: Applicant and Grantor S2S Users should update their systems before September 18, 2021


For the Summary of Recent Changes with User Impact, please see the Releases page for the details of the recent enhancements to Grants.gov.