Your achievements

Level 1

0% to

Level 2

Tip /
Sign in

Sign in to Community

to gain points, level up, and earn exciting badges like the new
BedrockMission!

Learn More

View all

Sign in to view all badges

Technical Advisory: HTTP Strict-Transport-Security Support

Avatar

Avatar
Ignite 5
Employee
Andrew_Gutierre
Employee

Likes

2 likes

Total Posts

29 posts

Correct Reply

1 solution
Top badges earned
Ignite 5
Ignite 3
Ignite 1
Give Back 5
Give Back 3
View profile

Avatar
Ignite 5
Employee
Andrew_Gutierre
Employee

Likes

2 likes

Total Posts

29 posts

Correct Reply

1 solution
Top badges earned
Ignite 5
Ignite 3
Ignite 1
Give Back 5
Give Back 3
View profile
Andrew_Gutierre
Employee

20-09-2019

Effective October 3, 2019, Audience Manager (AAM) and Experience Cloud ID Services (ECID) will implement support for HTTP Strict-Transport-Security.

HTTP Strict-Transport-Security (HSTS) is a security policy mechanism that helps protect against cookie hijacking and protocol downgrade attacks by not permitting HTTP traffic and transparently upgrading to HTTPS.

This change is being made to improve data security between the client and Adobe edge servers that support AAM and ECID functionality. The release is also a pre-requisite to changes needed for Chrome’s SameSite cookie labeling requirements.

The following changes will be made as part of this release:

  • Redirect all traffic from HTTP to HTTPS
  • Set the “Strict-Transport-Security” header on HTTPS responses
  • Enable “preload” to make non-compliant clients perform a transparent protocol upgrade

After this change, clients with unsecure websites may see an increase in response times due to the backend redirects required to enforce secure communication.

Based on internal analysis, less than 4% of customer traffic will be impacted by this release, however we recommend all customers ensure they are using HTTPS for their site traffic.

We regret any inconvenience this may cause; however, we take security and compliance seriously and feel that the benefits of this change outweigh the costs.

If you have any questions or concerns, please direct them to your account manager or Customer Care teams.

Sincerely,

- Adobe Audience Manager + Identity Service team (ECID)

Replies

Avatar

Avatar
Give Back
Level 1
shafiuli2353067
Level 1

Likes

0 likes

Total Posts

1 post

Correct Reply

0 solutions
Top badges earned
Give Back
View profile

Avatar
Give Back
Level 1
shafiuli2353067
Level 1

Likes

0 likes

Total Posts

1 post

Correct Reply

0 solutions
Top badges earned
Give Back
View profile
shafiuli2353067
Level 1

10-01-2020

Request to enterprise support link between management's.