SHA-2 is used for the Hash-based Message Authentication Code (HMAC) and pseudorandom function (PRF) for TLS connections.
Topic
Configuring Transport Layer Security
Applicable to
all
History
Priority
should
Mar 2022
SHA-2 is used for the Hash-based Message Authentication Code (HMAC) and pseudorandom function (PRF) for TLS connections.
Miscellaneous changes were made to rationale and recommendations throughout the publication to clarify content without changing intent. This included a review from the Guidelines for System Hardening chapter through to the Guidelines for Data Transfers chapter.
Oct 2019
Cipher suites are configured to use SHA-2 as part of the Message Authentication Code and Pseudo-Random Function.
Security control 1375 was modified
Sep 2019
Cipher suites are configured to use SHA-2 as part of the Message Authentication Code and Pseudo-Random Function where possible.
2015
Cipher suites should be configured to use SHA-2 as part of the Message Authentication Code(MAC) and Pseudo-Random Function (PRF) where possible.