Only server-initiated secure renegotiation is used for TLS connections.
Topic
Configuring Transport Layer Security
Applicable to
all
History
Priority
should
Mar 2022
Only server-initiated secure renegotiation is used for TLS connections.
Miscellaneous changes were made to rationale and recommendations throughout the publication to clarify content without changing intent. This included a review from the Guidelines for System Hardening chapter through to the Guidelines for Data Transfers chapter.
Oct 2019
Only server-initiated secure renegotiation is used.
Security control 1371 was merged with security control 1370.
Sep 2019
A TLS implementation that supports secure renegotiation is used.
2015
Agencies should use a TLS implementation that supports secure renegotiation.