Watson Supply Chain Ideas

Use this form to submit an idea for a new product feature. The product team will review your input and provide status updates as decisions are made regarding the request.

Before you submit a new idea, please view requests that have already been submitted. If your idea has already been submitted, you can add comments or vote on the existing idea, thereby indicating your agreement with the idea. We may use this information to help prioritize development of new features.

 

Submit ideas for Watson Marketing and Watson Commerce products

Elliptic curve Diffie Hellman ciphers

Our Security team would like the Elliptic curve Diffie Hellman ciphers enabled however they have not yet made it required. When they do make them required in the future we will have 100 days to enable them or switch to a different vendor that supports them.

We also have several customers that want to know why we do not support these ciphers.
  • Avatar32.5fb70cce7410889e661286fd7f1897de Guest
  • Dec 19 2017
  • Delivered
How will this idea be used?
What is your industry?
What is the idea priority? High
DeveloperWorks ID DW_ID99749
RTC ID RTC_ID526640
Link to original RFE http://www.ibm.com/developerworks/rfe/execute?use_case=viewRfe&CR_ID=99749
  • Attach files
  • Avatar40.8f183f721a2c86cd98fddbbe6dc46ec9
    Guest commented
    March 27, 2018 10:30

    Elliptic curve is required for EBICS 3.0

  • Admin
    Ryan Wood commented
    September 19, 2018 23:56

    Version 6.0 introduced updated ciphers. Please see the following documentation

    https://www.ibm.com/support/knowledgecenter/SS3JSW_6.0.0/integrating/integrating/integrator/SFTP_Client_Begin_Session_svc.html

    You cannot configure the SSH Key Exchange algorithms to be used with SFTP in the Sterling B2B Integrator UI. To select strong SSH Key Exchange algorithms, specify the values to be used in SSHKeyExchangeAlgList in the security.properties file. For example, SSHKeyExchangeAlgList=diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1,diffie-hellman-group14-sha1. You can verify the algorithm used in the SFTP Client Begin Session service status report.

    Sterling B2B Integrator also supports the following key exchange algorithms:
    • ecdh-sha2-nistp256
    • ecdh-sha2-nistp384
    • ecdh-sha2-nistp521