Update: The EU Proxy Ciphers update has been postponed. The new planned implementation date is September 27, 2024. We apologize for any inconvenience.
The EU proxy feature of Vonage Video API enables clients to route all internet traffic (except for media streams) via proxy servers hosted inside the EU. (Non-media traffic includes Video API calls, WebSocket connections, and log traffic.) The EU proxy feature is available to customers of the EU Regional Media Zone add-on feature, which enables applications to restrict all media stream traffic within the EU.
On September 27, 2024, we plan to update the Video API EU Proxy feature to support a broader array of robust ciphers, while also removing weaker ciphers.
As of this date, customers need to ensure they only use ciphers available from within the provided list of supported cipher suites provided below:
- TLS_AES_128_GCM_SHA256
- TLS_AES_256_GCM_SHA384
- TLS_CHACHA20_POLY1305_SHA256
- TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
- TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
- TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
- TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
- TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
- TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
- TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
- TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
- TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
- TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
- TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
- TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
- TLS_RSA_WITH_AES_128_GCM_SHA256
- TLS_RSA_WITH_AES_128_CBC_SHA256
- TLS_RSA_WITH_AES_256_GCM_SHA384
- TLS_RSA_WITH_AES_256_CBC_SHA256
- TLS_RSA_WITH_AES_256_CBC_SHA
Each cipher suite has been meticulously selected to align with stringent security standards, prioritizing the confidentiality, integrity, and authenticity of transmitted data. The inclusion of these robust cipher suites serves as a proactive measure to mitigate potential security vulnerabilities, ensuring a resilient and secure environment for customer interactions.
Usage of following Cipher suites is being deprecated to ensure compliance with security guidelines of Vonage:
- TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256 (0xCC, 0xAC)
- TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 (0xCC, 0xA9)
- TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 (0xCC, 0xA8)
- TLS_ECDHE_ECDSA_AES_128_CCM (0xC0, 0xAC)
- TLS_ECDHE_ECDSA_WITH_AES_256_CCM (0xC0, 0xAD)
- TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 (0xC0, 0xAE)
- TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8 (0xC0, 0xAF)
- TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 (0x00, 0x9E)
- TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 (0x00, 0x9F)
- TLS_DHE_RSA_WITH_AES_128_CCM (0xC0, 0x9E)
- TLS_DHE_RSA_WITH_AES_256_CCM (0xC0, 0x9F)
- TLS_DHE_RSA_WITH_AES_128_CCM_8 (0xC0, 0xA2)
- TLS_DHE_RSA_WITH_AES_256_CCM_8 (0xC0, 0xA3)
- TLS_DHE_DSS_WITH_AES_128_GCM_SHA256 (0x00, 0xA2)
- TLS_DHE_DSS_WITH_AES_256_GCM_SHA384 (0x00, 0xA3)
For further inquiries or assistance regarding the updated cipher suites supported by the EU Proxy, please reach out to our dedicated support team. We are committed to safeguarding the confidentiality and integrity of your data, prioritizing your security needs.