eIDAS Security of the Transport Layer - RUB-NDS/FutureTrust GitHub Wiki

The information is taken from[1].

If supported by the browser, TLS 1.2 must be used. Otherwise TLS 1.1 may be used. Prior TLS versions must not be used.

eIDAS-Nodes must only use cipher suites that provide perfect forward secrecy. If elliptic curves are used, they must be named elliptic curves and have a key length >224 bit. The minimal key lengths for ephemeral keys are 256 bit for ECDHE and 2048 bit for DHE.

Until 2017 eIDAS nodes must use extended validation certificates or qualified website certificates. As of 2018, newly issued TLS certificates for eIDAS nodes must be qualified.

List of recommended cipher suites:

  • TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
  • TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA384
  • TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
  • TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA384
  • TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA256
  • TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
  • TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA256
  • TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
  • TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
  • TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA384
  • TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
  • TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA384
  • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA256
  • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
  • TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA256
  • TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
  • TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
  • TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
  • TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
  • TLS_DHE_RSA_WITH_AES_256_GCM_SHA384

List of fallback cipher suites:

  • TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
  • TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
  • TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA
  • TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA
  • TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
  • TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
  • TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA
  • TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA
  • TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
  • TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
  • TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA
  • TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA
  • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
  • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
  • TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA
  • TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA
  • TLS_DHE_RSA_WITH_AES_128_CBC_SHA
  • TLS_DHE_RSA_WITH_AES_128_GCM_SHA
  • TLS_DHE_RSA_WITH_AES_256_CBC_SHA
  • TLS_DHE_RSA_WITH_AES_256_GCM_SHA

References

1. ^ eIDAS Spec. (2015, November 26). eIDAS Technical Subgroup. eIDAS Technical Specifications v1.0. https://joinup.ec.europa.eu/software/cefeid/document/eidas-technical-specifications-v10.

FutureTrust
⚠️ **GitHub.com Fallback** ⚠️