Title
Transport Layer Security Fallback Profile
Description
This profile provides detailed information, guidance, and standardsto be used for the usage of Transport Layer Security version 1.2 (TLS 1.2) protocol to provide authentication, confidentiality and integrity services for protecting the communication between service providers and consumers.

Reference document

Org
FMN
Pubnum
Date
2021-10-20
Version
Title
Proposed FMN Spiral 5 Specification

Taxonomy

Standards

Obligation: Mandatory, Lifecycle: Candidate

TLS 1.2 base standards. Mandatory extensions Section 7.4.1.4.1 - Signature Algorithms

Obligation: Mandatory, Lifecycle: Candidate

TLS extensions Mandatory extensions Section 3 - Server Name Indication Extension Disallowed extensions Section 7 - Truncated HMAC

Obligation: Mandatory, Lifecycle: Candidate

Transport Layer Security (TLS) Renegotiation Indication Extension Renegotiation shall only be initiated by the server.Implementation shall be compliant with RFC 7525, section 3.5

Obligation: Mandatory, Lifecycle: Candidate

Negotiated Finite Field Diffie-Hellman Ephemeral Parameters Required curves secp256p1secp384p1

Obligation: Mandatory, Lifecycle: Candidate

Supported Elliptic Curves extension. Required extensions Section 5.1/5.2 - Supported Point Formats Required curves secp256r1secp384r1

Obligation: Mandatory, Lifecycle: Candidate

Session Hash and Extended Master Secret Extension

Obligation: Mandatory, Lifecycle: Candidate

TLS 1.2 compression SHALL be disable with the use of the "null" compression method.

Obligation: Mandatory, Lifecycle: Candidate

TLS 1.2 base standards. Mandatory extensions Section 7.4.1.4.1 - Signature Algorithms

Obligation: Mandatory, Lifecycle: Candidate

TLS extensions Mandatory extensions Section 3 - Server Name Indication Extension Disallowed extensions Section 7 - Truncated HMAC

Obligation: Mandatory, Lifecycle: Candidate

Transport Layer Security (TLS) Renegotiation Indication Extension Renegotiation shall only be initiated by the server.Implementation shall be compliant with RFC 7525, section 3.5

Obligation: Mandatory, Lifecycle: Candidate

Negotiated Finite Field Diffie-Hellman Ephemeral Parameters Required curves secp256p1secp384p1

Obligation: Mandatory, Lifecycle: Candidate

Supported Elliptic Curves extension. Required extensions Section 5.1/5.2 - Supported Point Formats Required curves secp256r1secp384r1

Obligation: Mandatory, Lifecycle: Candidate

Session Hash and Extended Master Secret Extension

Obligation: Mandatory, Lifecycle: Candidate

TLS 1.2 compression SHALL be disable with the use of the "null" compression method.

Status

URI

History

Flag Date RFC Version
added 2022-05-06 14-032 15.0
UUID
bdc6181e-4eeb-4c1c-8c72-265fab5dea89

Utilization

This profile is used by the following profiles: