Archived 2024-08-30. This article is no longer correct. See CDS, Transaction Security.
Question
There are four ECDHE ciphers listed as a SHALL in FAPI RW section 8.5 required for CDS transaction security https://consumerdatastandardsaustralia.github.io/standards/#transaction-security, our DH solution only supports two, is this acceptable?
Answer
Yes, it is acceptable to support one or more of the four ciphers listed, however you cannot support any ciphers that are not included.
- TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
- TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
- TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
- TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
An update to the CDS is required to ensure SHALL is interpreted consistently across all participants.
Comments
0 comments
Please sign in to leave a comment.