- Title
- Transport Layer Security Fallback Profile
- Description
- This profile provides detailed information, guidance, and standardsto be used for the usage of Transport Layer Security version 1.2 (TLS 1.2) protocol to provide authentication, confidentiality and integrity services for protecting the communication between service providers and consumers.
Reference document
- Org
- FMN
- Pubnum
- Date
- 2022-12-02
- Version
- Title
- Proposed FMN Spiral 5 Specification
Taxonomy
Standards
Obligation: MANDATORY, Lifecycle: CANDIDATE
TLS 1.2 compression SHALL be disable with the use of the "null" compression method.
Obligation: MANDATORY, Lifecycle: CANDIDATE
TLS 1.2 base standards. Mandatory extensions Section 7.4.1.4.1 - Signature Algorithms
- Transport Layer Security (TLS)The Transport Layer Security (TLS) Protocol Version 1.2 (RFC 5246:2008)
- Recommendations for Secure Use of Transport Layer Security (TLS) and Datagram Transport Layer Security (DTLS) (RFC 7525:2015)
Obligation: MANDATORY, Lifecycle: CANDIDATE
Transport Layer Security (TLS) Renegotiation Indication Extension Renegotiation shall only be initiated by the server.Implementation shall be compliant with RFC 7525, section 3.5
Obligation: MANDATORY, Lifecycle: CANDIDATE
TLS extensions Mandatory extensions Section 3 - Server Name Indication Extension Disallowed extensions Section 7 - Truncated HMAC
Obligation: MANDATORY, Lifecycle: CANDIDATE
Session Hash and Extended Master Secret Extension
Obligation: MANDATORY, Lifecycle: CANDIDATE
Negotiated Finite Field Diffie-Hellman Ephemeral Parameters Required curves secp256p1secp384p1
Obligation: MANDATORY, Lifecycle: CANDIDATE
Supported Elliptic Curves extension. Required extensions Section 5.1/5.2 - Supported Point Formats Required curves secp256r1secp384r1
Status
- UUID
- 20b90dd1-e1bd-4c3d-99b8-0eace176ebf8
Utilization
This profile is used by the following profiles:
- Infrastructure Security Standards Profiles - (profile)