The network wants to promote the use of strong cipher suites with minimum discomfort for end-users. Roles that are in direct contact with their customers (e.g. an HM with its DVs, or an AD/MR with its users) are allowed to tighten security based on their own risk analysis. This results in the following rules:

  • SSL 2.0/3.0 MUST NOT be used
  • For HM's (front channel): All connections MUST support TLS 1.0, TLS 1.1 and TLS 1.2
  • For DV/AD/MR (front channel) and DV-HM back channel: All connections MUST support TLS 1.2 and SHOULD NOT support TLS 1.0 and TLS 1.1
  • For all participants (back channel): All connections MUST support TLS 1.2
  • A participant MUST support one or more of the cipher suites that are categorized "good" in the cipher suite table below. A participant MAY support one or more of the cipher suites that are categorized "adequate" in the cipher suite table below.
  • A participant MUST follow the order of the cipher suite list, as it is ordered by strength/level of security, with the strongest/most secure cipher suite on top.
  • A participant SHOULD use a PKIoverheid G2, PKIoverheid G3 or PKIoverheid EV SSL certificate. If a PKIoverheid G2, PKIoverheid G3 or PKIoverheid EV SSL certificate is not used, a participant MUST use an EV SSL SHA2 certificate with a key length of at least 2048 bits. The (extended) key usage of the certificate used MUST allow use for TLS.
  • A participant MUST NOT allow insecure renegotiation or client-initiated renegotiation.
  • A DV
    • SHOULD use an EV SSL SHA2 certificate
    • MUST use a certificate with a key length of at least 2048 bits
  • For communication over direct connections between participants or between DV and participants (e.g. back channel requests), TLS with mutual authentication using certificates MUST be used. The certificates used MUST be listed in the metadata.


The use of SSL certificates other than PKIoverheid G2 will be disallowed over time.

Cipher suites marked "good":

IANA format | OpenSSL format | GnuTLS format
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 | ECDHE-ECDSA-AES256-GCM-SHA384 | TLS_ECDHE_ECDSA_AES_256_GCM_SHA384
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 | ECDHE-ECDSA-AES128-GCM-SHA256 | TLS_ECDHE_ECDSA_AES_128_GCM_SHA256
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 | ECDHE-RSA-AES256-GCM-SHA384 | TLS_ECDHE_RSA_AES_256_GCM_SHA384
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 | ECDHE-RSA-AES128-GCM-SHA256 | TLS_ECDHE_RSA_AES_128_GCM_SHA256
TLS_RSA_WITH_AES_256_GCM_SHA384 | AES256-GCM-SHA384 | TLS_RSA_AES_256_GCM_SHA384
TLS_RSA_WITH_AES_128_GCM_SHA256 | AES128-GCM-SHA256 | TLS_RSA_AES_128_GCM_SHA256


Cipher suites marked "adequate":

IANA format | OpenSSL format | GnuTLS format
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 | ECDHE-ECDSA-AES256-SHA384 | TLS_ECDHE_ECDSA_AES_256_CBC_SHA384
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 | ECDHE-ECDSA-AES128-SHA256 | TLS_ECDHE_ECDSA_AES_128_CBC_SHA256
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA | ECDHE-ECDSA-AES256-SHA | TLS_ECDHE_ECDSA_AES_256_CBC_SHA1
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA | ECDHE-ECDSA-AES128-SHA | TLS_ECDHE_ECDSA_AES_128_CBC_SHA1
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 | ECDHE-RSA-AES256-SHA384 | TLS_ECDHE_RSA_AES_256_CBC_SHA384
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 | ECDHE-RSA-AES128-SHA256 | TLS_ECDHE_RSA_AES_128_CBC_SHA256
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA | ECDHE-RSA-AES256-SHA | TLS_ECDHE_RSA_AES_256_CBC_SHA1
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA | ECDHE-RSA-AES128-SHA | TLS_ECDHE_RSA_AES_128_CBC_SHA1
TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 | ECDH-ECDSA-AES256-GCM-SHA384 | -
TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 | ECDH-ECDSA-AES128-GCM-SHA256 | -
TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 | ECDH-RSA-AES256-GCM-SHA384 | -
TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 | ECDH-RSA-AES128-GCM-SHA256 | -
TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 | ECDH-ECDSA-AES256-SHA384 | -
TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 | ECDH-ECDSA-AES128-SHA256 | -
TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA | ECDH-ECDSA-AES256-SHA | -
TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA | ECDH-ECDSA-AES128-SHA | -
TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 | ECDH-RSA-AES256-SHA384 | -
TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 | ECDH-RSA-AES128-SHA256 | -
TLS_ECDH_RSA_WITH_AES_256_CBC_SHA | ECDH-RSA-AES256-SHA | -
TLS_ECDH_RSA_WITH_AES_128_CBC_SHA | ECDH-RSA-AES128-SHA | -
TLS_RSA_WITH_AES_256_CBC_SHA256 | AES256-SHA256 | TLS_RSA_AES_256_CBC_SHA256
TLS_RSA_WITH_AES_128_CBC_SHA256 | AES128-SHA256 | TLS_RSA_AES_128_CBC_SHA256
TLS_RSA_WITH_AES_256_CBC_SHA | AES256-SHA | TLS_RSA_AES_256_CBC_SHA1
TLS_RSA_WITH_AES_128_CBC_SHA | AES128-SHA | TLS_RSA_AES_128_CBC_SHA1
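A small checker for the two cipher-suite rules above (at least one "good" suite configured, table order preserved) applied to an OpenSSL cipher string. This is an added example, not part of the policy or any participant's tooling; it ranks only the explicit OpenSSL suite names from the two tables, skips `!`, `-`, `+` and `@` entries, and reports any other name as not covered by the tables.

```python
# Added example: check an OpenSSL cipher string against the policy tables above.
# Only explicit suite names are ranked; "!", "-", "+" and "@" entries are skipped,
# and OpenSSL keywords such as HIGH are reported as not covered by the tables.

GOOD = [  # OpenSSL names from the "good" table, in table (= preference) order
    "ECDHE-ECDSA-AES256-GCM-SHA384", "ECDHE-ECDSA-AES128-GCM-SHA256",
    "ECDHE-RSA-AES256-GCM-SHA384", "ECDHE-RSA-AES128-GCM-SHA256",
    "AES256-GCM-SHA384", "AES128-GCM-SHA256",
]
ADEQUATE = [  # OpenSSL names from the "adequate" table, in table order
    "ECDHE-ECDSA-AES256-SHA384", "ECDHE-ECDSA-AES128-SHA256",
    "ECDHE-ECDSA-AES256-SHA", "ECDHE-ECDSA-AES128-SHA",
    "ECDHE-RSA-AES256-SHA384", "ECDHE-RSA-AES128-SHA256",
    "ECDHE-RSA-AES256-SHA", "ECDHE-RSA-AES128-SHA",
    "ECDH-ECDSA-AES256-GCM-SHA384", "ECDH-ECDSA-AES128-GCM-SHA256",
    "ECDH-RSA-AES256-GCM-SHA384", "ECDH-RSA-AES128-GCM-SHA256",
    "ECDH-ECDSA-AES256-SHA384", "ECDH-ECDSA-AES128-SHA256",
    "ECDH-ECDSA-AES256-SHA", "ECDH-ECDSA-AES128-SHA",
    "ECDH-RSA-AES256-SHA384", "ECDH-RSA-AES128-SHA256",
    "ECDH-RSA-AES256-SHA", "ECDH-RSA-AES128-SHA",
    "AES256-SHA256", "AES128-SHA256", "AES256-SHA", "AES128-SHA",
]
RANKED = GOOD + ADEQUATE  # required preference order: strongest suite first


def check_cipher_list(openssl_string):
    """Return the policy violations for a colon-separated OpenSSL cipher string.

    An empty list means every suite is in a table, at least one is "good",
    and the suites appear in table order.
    """
    entries = [e for e in openssl_string.split(":") if e]
    suites = [e for e in entries if e[0] not in "!@-+"]  # drop directives
    problems = []
    unknown = [s for s in suites if s not in RANKED]
    if unknown:
        problems.append("not in the good/adequate tables: " + ", ".join(unknown))
    known = [s for s in suites if s in RANKED]
    if not any(s in GOOD for s in known):
        problems.append("no 'good' cipher suite configured")
    if known != sorted(known, key=RANKED.index):
        problems.append("cipher suites are not in table (strength) order")
    return problems


def policy_cipher_string(include_adequate=False):
    """Build a compliant OpenSSL cipher string straight from the tables."""
    return ":".join(GOOD + (ADEQUATE if include_adequate else []))
```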