CSSCurrent en:Update from v4.4.0 to v4.5.0

Aus Cryptshare Documentation
Wechseln zu:Navigation, Suche



Important Update Notes

Changed Cipher Suite configuration

Please note, that the new cipher suite configuration will not be applied automatically by the update process. In order to have the most secure configuration the cipher suite configuration needs to be manually adjusted as shown below.
Changed cipher suite configuration

<Set name="includeCipherSuites">
   <Array type="java.lang.String">
      <Item>TLS\_ECDHE.\*</Item>
      <Item>TLS\_AES\_128\_GCM\_SHA256</Item>
      <Item>TLS\_AES\_256\_GCM\_SHA384</Item>
   </Array>
</Set>
<Set name="excludeCipherSuites">
   <Array type="java.lang.String">
      <Item>.\*NULL.\*</Item>
      <Item>.\*RC4.\*</Item>
      <Item>.\*MD5.\*</Item>
      <Item>.\*DES.\*</Item>
      <Item>.\*DSS.\*</Item>
      <Item>TLS\_RSA.\*</Item>
      <Item>TLS\_ECDHE\_ECDSA\_WITH\_AES\_256\_CBC\_SHA</Item>
      <Item>TLS\_ECDHE\_RSA\_WITH\_AES\_256\_CBC\_SHA</Item>
      <Item>TLS\_ECDHE\_ECDSA\_WITH\_AES\_128\_CBC\_SHA</Item>
      <Item>TLS\_ECDHE\_RSA\_WITH\_AES\_128\_CBC\_SHA</Item>
      <Item>TLS\_ECDHE\_RSA\_WITH\_AES\_256\_CBC\_SHA384</Item>
      <Item>TLS\_ECDHE\_RSA\_WITH\_AES\_128\_CBC\_SHA256</Item>
   </Array>
</Set>
More information about configuring Cipher Suites can found by Web Server Configuration.


Pre-Processing is now a policy setting

The pre-processing settings are now part of the policy as well. This allows the configuration of different pre-processing settings per Policy Rule.

Please note, that this change implies, that changes to the global pre-processing settings will not have an effect until they are applied to existing policy rules.


Language Packages

Due to structural changes in the language packages, all supported server language packages will be updated automatically, customized language packages will be removed during the update process (a backup is done before). If more language packages are needed, it is required to download and install them again.


Delta-File for changed passages

In case your language packages have been modified, the attached delta-file delta\_english\_lp\_4.4.0\_to\_4.5.0.txt can help you to locate the changes in this update and re-apply the modifications.

Click here to see how the delta file for language packages is built.

72320016.png

Removed Files
Files listed in this section have been removed from the language package entirely.
\--------------------------------------------------------------------
REMOVED FILES
--------------------------------------------------------------------
<files>


New Files
Files listed in this section have been added to the language package.
\--------------------------------------------------------------------
NEW FILES
--------------------------------------------------------------------
<files>


Modified Files
Files listed in this section have been modified, which can be one of the following cases:
  • Keys have been removed
  • Keys have been added
  • Keys have been modified
\--------------------------------------------------------------------
MODIFIED FILES
--------------------------------------------------------------------
-----------------------------------------------------------------
<path and file name>
-----------------------------------------------------------------
------------------
---Removed keys---
------------------
<keys>
--------------
---New keys---
--------------
<keys>
-------------------
---Modified keys---
-------------------
KEY: <affected key>
OLD: <former key & value>
NEW: <new key & value>
In case of a modification, the affected key, its old value and its new value is shown.


Re-designed download section

The download section in the Cryptshare User Interface has been redesigned in order to provide a user experience most users will be more familiar with and to better utilize larger screens on desktop browsers.

General Changes

  • The interface is now more e-mail client oriented: The transfer subject, sender address and recipient addresses can now be seen on first sight in the head section when the download is shown and this information is now longer hidden in the 'Details' section of this page.
Transfer Subject
Please note, that the transfer subject is only shown here, if logging of the transfer subject has been activated. More information about administrative settings and their effect on the download section can be found here: Effects of Administrative Settings on the Download Page.


  • The layout for the single-file download buttons has changed.
  • The checksum download is now listed along with the single-file download items under 'Further download options'.
  • The viewport width has changed from 600px on desktop browsers to 1024px.

Reply Buttons

There are now 2 reply buttons in the download section, just like the ones most users will recognize from their e-mail client. When clicked, these buttons will either initiate a new transfer replying to the sender of this transfer or initiate a transfer to the sender and all known recipients of the transfer.

Confidential Message

If a transfer contains a confidential message it doesn't need to be opened via the content viewer anymore. The message is directly shown in the download screen: 72320017.png

Please note, that this preview still is restricted to the configured maximum size for the content-viewer in the download section. This means, that confidential messages which exceed this threshold will not be shown in the preview.


Details

Transfer Details which may not be relevant for most users, still remain hidden under a 'Details' section. These are:

  • The transfer expiration date.
  • The tracking ID of the transfer.
  • The security mode used to send the transfer.
  • Whether the sender has requested a download confirmation notification.

The state of the details section (collapsed or expanded) is now stored in a cookie, allowing the users to keep their preferred state stored in the browser.

New QUICK features

New role for administrators: 'QUICK' Supporter

A new type of administrator has been introduced. This administrator is only allowed to generate QUICK activation codes. This allows to widen the range of authorized persons who will then be able to help out when a user requests a QUICK activation code while not being able to administer the server.

Client-Verification mode now QUICK compatible

Please note, that this information is only relevant for users of the Cryptshare Java API, the Cryptshare .NET API or the Cryptshare Robot as only for these products the verification mode can be changed.


Until now QUICK Technology could only be used if the sender verification mode was set up. Due to the nature of QUICK and the former way of how the client verification mode was operating, QUICK could not be used together with this verification mode.

CSV Import for Policy Rules

Policy Rules can now be managed using a CSV file. This allows easier administration for large amounts of rules.

Additional Changes

  • Resolved an issue where images in Cryptshare e-mail notifications were not always shown.
  • Resolved an issue where archiving did not properly write files when the file name contained certain special characters.
  • Resolved an issue where the views for the outbound and inbound transfer volume were reversed.
  • Internal project libraries have been updated.
  • The Java Runtime Environment has been updated tp v11.0.6