Topic MVP Portal Important information MVP-Portal
Here you will find important information on technical issues for MVP-Portal
Maintenance on May 9, 2017 and May 10, 2017
You are authorized as a user of the Reporting and Publishing Platform (MVP Portal) of the Federal Financial Supervisory Authority (Bundesanstalt für Finanzdienstleistungsaufsicht, BaFin).
The maintenance work that was scheduled on March 29, 2017 had to be canceled prematurely due unexpected problems. This maintenance will once again be undertaken between the hours of 12:00 PM on May 9th, 2017 and 12:00 PM May 10th 2017. During this period, the MVP Portal will be completely unavailable. All functions, such as self-registration for the MVP portal, applications for admission to technical procedures, and submission of notifications (whether via form, XML upload or SOAP webservice) will not be available during this period.
Please take this into consideration.
Maintenance on March 29, 2017 and March 30, 2017
Due to comprehensive maintenance work, the MVP Portal will be shut down completely between 12:00PM March 29, 2017 and 12:00PM March 30, 2017.
All functions, such as self-registration for the MVP Portal, applications for admission to technical procedures, and submission of notifications (whether via form, XML upload or SOAP Webservice) will not be available during this period.
TLS 1.2 Protocol in combination with Perfect Forward Secrecy (PFS)
Following approval by the Council of the IT representatives, the Federal Ministry of the Interior issued a General Administrative Regulation, issued by resolution no. 2014/11 from the 12th of December 2014. Thus, the application of the minimum standards of the Federal Office for Information Security (BSI) pursuant to paragraph 8 sentence 1 of the BSIG for use of SSL/TLS protocol is binding for Federal Government and thus, BaFin as well.
The minimum standard as outlined by BSI can be viewed here (german only). This minimum standard refers to the latest version of the Technical Guidelines TR-02102-2 "Cryptographic Methods: Recommendations and Key Lengths. Part 2 - Use of Transport Layer Security (TLS) "[TR-02102-2]. These guidelines can be obtained from BSI (german only).
BaFin will implement the aforementioned minimum standard requirements as of December 31st, 2016.
Specifically, this means that from January 1st, 2017 the MVP Portal will only support the TLS 1.2 protocol in combination with Perfect Forward Secrecy (PFS).
From the 1st of January 2017 onwards, BaFin will only support the following cipher suites / Elliptic Curves:
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 (0x9f) DH 2048 bits
TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 (0x6B) DH 2048 bits
TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 (0x9E) DH 2048 bits
TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 (0x67) DH 2048 bits
All cipher suites/Elliptic Curves for both the Web application (port 443) and web services (port 444) that will be used as of January 1st, 2017 are currently supported. In addition, it is currently possible to test configurations that will support the aforementioned TLS requirements. For all MVP Portal web services for specialized procedures, a second access route has been configured through the port 446.
When using an endpoint with port 446, rather than the standard port 444, the TLS configuration described above is used. As of January 1st, 2017, the new TLS configuration will be applied to the default ports 443 and 444 and access over port 446 will be disabled without further notice.
Example of test procedures "Filing of Final Terms" (EFT) using port 446:
When you only use a browser (no web service), no further action is required when using a current browser version.
An overview (without guarantee) of current Internet browser capabilities can be downloaded here. In particular, please note that Microsoft Internet Explorer version 10 and older will not be supported.
Author: IT 8