When using DH or ECDH for key establishment of TLS connections, the ephemeral variant is used.
Topic
Configuring Transport Layer Security
Applicable to
all
History
Priority
should
Mar 2022
When using DH or ECDH for key establishment of TLS connections, the ephemeral variant is used.
Miscellaneous changes were made to rationale and recommendations throughout the publication to clarify content without changing intent. This included a review from the Guidelines for System Hardening chapter through to the Guidelines for Data Transfers chapter.
2015
When using DH or ECDH for key establishment, agencies should use the ephemeral variant.