• CME ConfirmHub Notices: June 4, 2015

      • To
      • CME ConfirmHub Customers
      • From
      • Global Account Management
      • #
      • 20150604
      • Notice Date
      • 04 June 2015
      • Effective Date
      • 04 June 2015
    • Topics in this issue include:

      Update - Removal of RC4 Cipher Suites

      Denotes update to the article

      CME Group is committed to information security. To deliver the best security and customer experience, we are eliminating support of the RC4-based cipher suites for CME Group web-based applications, APIs, and service in Certification, New Release, and Production environments.

      As of this change, customers relying on RC4 cipher suites will no longer have access to these web-based applications, APIs, and services.

      Please note: CME Group strongly encourages customers to verify connections so those environments continue to function properly.

      RC4 cipher suites support will be removed as follows:

      • Production: Saturday, June 6, 2015 at 6:00 a.m. (CT)
      Removal of RC4 Cipher Suites 
      • CME Account Manager
      • AutoCert+
      • Broker to Broker
      • Broker Payment System (BPS)
      • CME Cleared Trades API
      • CME ClearPort API & GUI
      • CME ConfirmHub
      • CME Core
      • CME STP
      • CoLo Portal
      • CME Positions Systems
      • CME DataPoint
      • Deliveries Plus System
      • CME E-Bill
      • Enterprise Reporting Portal (EREP)
      • Exchange Fee System (EFS)
      • FEC, FEC+ and FEC for OTC IRS
      • Firm Admin Dashboard (FADB)
      • Firm Regulatory Portal
      • FirmSoft
      • Galax-C Admin
      • Give-Up Payment System (GPS)
      • Global Repository Services
      • Membership Portal
      • OR Web Report
      • CME Group Risk Management Tools –
        Globex Credit Controls (GC2), Risk Management Interface (RMI)
      • Settlements Firm
      • SMART Click
      • EOS Trader
      • Galax-C
      • CME Direct
      • Member Reporting System
      • IRS DMS
      • Registrar Reporting

      Customers following CME Group Web Browser Standards should not be impacted by this change. However, if customers connect through a proxy, they should ensure their proxy utilizes one or more of these CME Group supported ciphers:

      • TLS_RSA_WITH_AES_256_CBC_SHA256
      • TLS_RSA_WITH_AES_256_CBC_SHA
      • TLS_RSA_WITH_AES_128_CBC_SHA256
      • TLS_RSA_WITH_AES_128_CBC_SHA

      The change in Certification and New Release environments is complete.

      Leap Second Impact

      CME Clearing House processing will be paused from 18:55 - 19:05 Central time (CT) on Tuesday, June 30, for the leap second, including CME ConfirmHub. CME Group strongly recommends customers finish their processing prior to 18:55 CT and do not access any CME Clearing House systems during this window.

      CME Group uses Network Time Protocol (NTP) to synchronize time and maintain time accuracy. On Tuesday, June 30 (trade date Wednesday, July 1), a positive leap second will be added after 18:59:59 CT. A leap second is a one-second adjustment that is added to Coordinated Universal Time (UTC) to account for variability of the earth’s rotation.

      Trades submitted via CME ConfirmHub during the Leap Second window will be queued. Once the window is complete, all trades will be processed in the order received. Customers will not receive acknowledgements or trade reports until after the window.

      Please contact the Global Command Center (GCC) in the U.S. +1 800 438 8616, in Europe at +44 800 898 013 or in Asia at +65 6532 5010.

      Additional information is available at cmegroup.com/leapsecond