"TransportSecurity – TLS 1.2" Profile
This Facet defines a transport security for configurations with high security needs. It makes use of TLS 1.2 and uses TLS_RSA_WITH_AES_256_CBC_SHA256. As computing power increases, security algorithms are expected to expire. NIST provides guidelines for expected expiration dates for individual algorithms. These guidelines provide recommended dates at which the algorithm should be replaced or upgraded to a more secure algorithm. They do not indicate a failure of the algorithm. NIST has no recommendations for this TransportSecurity. It is recommended that Servers and Clients support all security profiles and developers provide the recommended profile as a default. It is up to an administrator to configure the actual exposed TransportSecurity Profiles.
This page lists the conformance units of the selected profile with their name and description.
Conformance units that are inherited via included Profiles are not listed by default. Use the following radio buttons to change this default behaviour.
Show only explicitly included conformance units
Show also conformance units from included profiles
Show all existing conformance units
Show relationship of Conformance Units with Units and Profiles for Clients / Servers
Security TLS_RSA with AES_256_CBC_SHA256
The connection is established using TLS_RSA_WITH_AES_256_CBC_SHA256. That has a MinAsymmetricKeyLength – 2048, MaxAsymmetricKeyLength – 4096, AsymmetricSignatureAlgorithm – RSA_SHA256. (TLS 1.2)