Action Required: Cryptographic Key Update (Jan 29th – Feb 28th, 2014)

On January 29th 2014, between 9:00 PM and 3:00 AM,  Cisco will be implementing feature and security updates to Cisco WebEx Meeting Center, Training Center, Event Center, Support Center, and WebEx recording URLs. These updates include modifying the way Cisco manages cryptographic keys used to generate URLs that link to WebEx recordings, iCalendar (.ics) files, unlisted program URLs in Event Center, WebACD support queue links in Support Center and links that are used to reset passwords. As a result, existing links that were generated by those services have been updated, and in some cases, users may need to request new links.

These updates are the result of Cisco’s continuing efforts to improve security, and are aimed at reducing risk for their customers. They represent part of their ongoing commitment to provide the latest features and security updates.

Affected Sites:

What to Expect

The update to your WebEx site(s) will occur on January 29th 2014. However; the service impacts will go into effect 30 days from the date the update is applied to your sites. This period of 30 days is called the “Compatibility Period” and is intended to minimize the potential impacts to users adjusting to the new security settings included in this release.

Cisco is making changes to improve the management of the cryptographic keys to generate URLs used in WebEx Meeting Center, Training Center, Support Center, and Event Center services. This update will invalidate the URLs for previous WebEx recordings and create a new URL for each recording. Other URLs will also be invalidated as a result of this change. Impacts are listed below.

There will be a one-time-only impact to WebEx recording URLs for WebEx Meeting Center, Event Center, Training Center & Support Center.

If you have distributed links to Meetings, Events or Training sessions prior to January 29th, you, as the host,  will have two options:

  1. If you do nothing, the link will still work, but the attendee will need to get the password from your invite to enter the meeting
  2. If you want to update the meeting so that the password will be encrypted in the URL (as it was prior to January 29th), then you must regenerate the URL to your meeting. To do this:
    1. Log into your WebEx site
    2. Go to My WebEx and find your meeting in the list
    3. Click on the topic (name of meeting)
    4. Click the Edit Button
    5. Click the Save button
    6. You will be prompted to send a new invite out, select “All Invited Participants” – even if you are the only invited participant, you will receive an email with the new, updated link which you can then distribute to your participants.

DO NOT MAKE ANY CHANGES PRIOR TO JANUARY 29th OR YOU WILL HAVE TO REPEAT THE ABOVE PROCESS AGAIN.

 

Time Sensitive – Action Required

After Friday, February 28, 2014 , old URLs will become invalid and users clicking on these links will be redirected to a WebEx.com page that provides a form for the user to request the updated URL. Following this recommendation is especially important for recording owners (hosts) with a high volume of popular recorded files and recordings posted or embedded in websites and documents.

For additional information to successfully implement the required changes, please review and distribute this notification along with the following link to the FAQ:https://support.webex.com/webex/meetings/en_US/key-modification-update-faq.htm


This entry was posted on Friday, January 24th, 2014 at 3:32 pm and is filed under Previous Service Updates. You can follow any responses to this entry through the RSS 2.0 feed. Both comments and pings are currently closed.

Comments are closed.