29 TLS cipher suite supportCreated: 17 Jul 2023 Status: Approval (Future Improvement) Part: Part 3 (2023, Edition 2) Links: Page: 21 Clause: 7.2 Paragraph: Table 1 Issue The ciphersuite TLS-RSA-WITH-AES-128-CBC-SHA256 is often signalled in vulnerability scanners as it supports no PFS and uses CBC. Currently we have 4 mandatory to support cipher suites. Proposal to make this cipher suite conditional to allow not supporting it. Proposal Proposal to make TLS-RSA-WITH-AES-128-CBC-SHA256 conditional for backward compatibility with RFC 5246. This provides the possibility to switch it off if no backward compatibility is required.
Privacy | Contact | Disclaimer Tissue DB v. 23.12.13.1 |