Changelog

TLS security enhancement: As part of our ongoing security program, we are updating the cipher suites used on Truv's public endpoints during our next major upgrade. Truv already requires TLS 1.2 or higher, and that minimum is not changing.

For nearly all integrations this change is transparent and requires no action. We do not expect any service interruption.

What is changing: We are removing one cipher suite, TLS_CHACHA20_POLY1305_SHA256. All other supported cipher suites remain available. A client is affected only if it relies on this cipher alone and cannot use a standard AES-GCM cipher suite. This is rare, since every mainstream HTTP client and runtime supports AES-GCM by default.