Go directly to content Go directly to footer

Change from TLS 1.2 to TLS 1.3 for MSA interface

Change from TLS 1.2 to TLS 1.3 for MSA interface.

The HTG MSA uses Transport Layer Security (TLS) version 1.2 for communication with declarants. This is also stated in the document “HTG SMTP-MSA and POP3 interface description, version 1.1”. At the beginning of 2021, the National Cyber Security Center (NCSC) reduced the qualification of TLS 1.2 from Good to Sufficient. In response, the Security Operations Center (SOC) of the Tax Authorities has ordered to activate TLS 1.3 and then disable TLS 1.2.

The TLS upgrade takes place in two steps that are noticeable to the declarants. To give declarants and their software developers the opportunity to validate whether their software correctly supports TLS 1.3, the Business Test Environment (BTO) is first adjusted, and the production environment follows some time later.

The steps for each environment are:
1. First, in addition to TLS 1.2, the use of TLS 1.3 is activated. Declarants can then use a mail client that supports TLS 1.2 or TLS 1.3.
2. After some time, TLS 1.2 support will be disabled. Communication will then only take place via TLS 1.3.

Schedule
In the period until March 2, 2022, TLS 1.3 will be activated in HTG's internal test and acceptance environments.

• On March 2, 2022, TLS 1.3 will be activated in the BTO in addition to TLS 1.2. Both versions can then be used side by side. Software developers can then test whether their software can deal with this situation correctly, and take measures if necessary.
• On April 13, 2022, TLS 1.3 will be activated in the production environment in addition to TLS 1.2.
• On April 28, 2022, the use of TLS 1.2 will be disabled in the BTO. Only TLS 1.3 will then be available in the BTO. Software developers can then test whether their software can deal with this situation correctly, and take measures if necessary.
• On July 6, 2022, the use of TLS 1.2 will be disabled in production. Only TLS 1.3 will then be available. HTG thus complies with the security requirements (use TLS 1.3 and deactivate TLS 1.2).

All these changes can be realized without any downtime from HTG. In the near future, Customs will also publish the document “Interface description HTG SMTP-MSA and POP3, version 1.3” in which the use of TLS will be updated.

Do you have any questions or remarks? You can send an e-mail to: NHD.apeldoorn@douane.nl. We only answer and handle your e-mail messages on working days from 8 a.m. to 4 p.m.

If you use the services of a software supplier, you can also contact them about this.

Category

Share this page