6 Profiles ToC Previous

6.6 Profile tables ToC Previous

6.6.166 SecurityPolicy - Aes256-Sha256-RsaPss ToC Previous Next

Table 186 describes the details of the SecurityPolicy - Aes256-Sha256-RsaPss. This security Facet defines a security policy for configurations with a need for high security. It requires a PKI infrastructure. As computing power increases, security policies are expected to expire. NIST provides guidelines for expected expiration dates for individual algorithms. These guidelines provide recommended dates at which the algorithm should be replaced or upgraded to a more secure algorithm. They do not indicate a failure of the algorithm. This security policy has no published end dates as of this time. It is recommended that Servers and Clients support all security profiles and support configurability of actual exposed and default security policies.

Table 186 – SecurityPolicy - Aes256-Sha256-RsaPss

Group Conformance Unit / Profile Title Optional
Security Aes256-Sha256-RsaPss_Limits False
Security AsymmetricEncryptionAlgorithm_RSA-OAEP-SHA2-256 False
Security AsymmetricSignatureAlgorithm_RSA-PSS -SHA2-256 False
Security CertificateSignatureAlgorithm_ RSA-PKCS15-SHA2-256 False
Security KeyDerivationAlgorithm_P-SHA2-256 False
Security Security Certificate Validation False
Security Security Encryption Required False
Security Security Signing Required False
Security SymmetricEncryptionAlgorithm_AES256-CBC False
Security SymmetricSignatureAlgorithm_HMAC-SHA2-256 False

Previous Next