Developments in the energy sector are moving at lightning speed. Examples are the energy transition, new entrants or the focus on data security. Themes in which we play an important role through agreements on sharing energy data.
TLS 1.3
Want to continue exchanging data within the energy sector? As of 1 April 2024, this will only be possible with TLS 1.3
It is important that messages can be sent in a secure manner. One of the approaches used to ensure this involves securing the so-called transport layer. TLS (Transport Layer Security) version 1.2 is currently used in the energy sector, but will now be replaced by TLS 1.3. This will make it possible to ensure the secure exchange of data. Agreements about this have been made within the energy sector. For instance, TLS 1.2 was introduced in 2016, and the NEDU General Meeting of Members decided in March 2022 to be one step ahead of potential security issues and to switch to TLS 1.3 before 31 December 2023.
On 8 November 2023, the GMM MFF decided to extend the dual phase until 31 March 2024. After this, it will no longer be possible to communicate with TLS 1.2.
To whom does this change apply?
TLS 1.3 will apply to all market parties that exchange data with central systems in the energy market. This includes all interfaces between these central systems and the local systems of individual market parties. The central systems are managed by EDSN and TenneT. The users that exchange such data are: transmission system operators and distribution system operators, suppliers, metering responsible parties, balance responsible parties (BRP’s) and other service providers (ODA’s).
What is TLS 1.3 and what are the advantages?
TLS stands for Transport Layer Security and is an encryption protocol that enables secure communication between systems. TLS 1.2 was introduced in 2008 and is approaching the end of its life cycle, which means security issues may be encountered in the future. However, TLS 1.3 is being introduced to pre-empt these issues. The security offered by TLS 1.3 is more robust and has improved encryption algorithms that feature no known shortcomings. In short: TLS 1.3 will improve the security of exchanged data and make it more future-proof.
How will this change take place?
Central systems
All central systems support TLS 1.3. Until 31 March 2024, all central systems will be equipped with TLS 1.2 and TLS 1.3 (dual phase).
Local systems
Market parties must update their (own) local systems to TLS 1.3. We use mijnMFFBAS and the website of MFFBAS to publish information that makes it easier for market parties to upgrade their systems. They are themselves responsible for performing this upgrade. Market parties are advised to first test this switch to TLS 1.3 on the testing environment of the central systems.
Phasing out of TLS 1.2
TLS 1.2 is expected to be phased out as of 1 April 2024. The MFF General Meeting of Members will make a decision about when the TLS 1.2 phasing-out process can be initiated for central systems. Once TLS 1.2 has been phased out, it will no longer be possible to use TLS 1.2 to send messages to the central systems.
All transfer information at a glance
Download the quick reference card about TLS 1.3 (in English). Here you will find all (technical) information to make the switch. All information about the phasing out of TLS 1.2 is summarized in the quick reference card ‘Phasing out TLS 1.2’.
Go to mijnMFFBAS
For more information and documentation on the introduction of TLS 1.3, please visit mijnMFFBAS: ‘Release’, ‘TLS 1.3‘.