As a user of the BPA public website, we want to inform you of a change regarding supported encryption protocols. Starting July 18, 2018, BPA will disable the TLS 1.0 and 1.1 encryption protocols. This action will prevent TLS 1.0 and 1.1 from being used to access the BPA website.
Up to date modern browsers support TLS 1.2 and will have no issue accessing BPA's website after July 18, 2018.
Why is this happening?
Sensitive data needs protection when transmitted across an insecure network, so administrators employ protocols that reduce the risk of that data being intercepted and used maliciously. TLS, a standard specified by the Internet Engineering Task Force, defines the method by which client and server computers establish a secure connection with one another to protect data that is passed back and forth. TLS is used by a wide variety of everyday applications, including email, secure web browsing, instant messaging and voice-over-IP (VOIP).
The Internet Engineering Task Force found vulnerabilities in TLS 1.0, one of the most widely used protocols, and updated it to TLS 1.1 and then TLS 1.2 to resolve many of these security issues. In order to mitigate these vulnerabilities, BPA will disable the use of TLS 1.0 and 1.1 for connections to our public website.
What action do I need to take?
If you want to continue to access the BPA website, you need to ensure your browser has TLS 1.2 enabled. If your browser or integration does not have TLS 1.2 enabled after we make this change, then you will NOT be able to access our website.
You can see if your browser supports TLS 1.2 at this site:
View this page to Enable TLS 1.2 on various browsers