Reference13r1:IP4/General/TLS: Difference between revisions
Jump to navigation
Jump to search
mNo edit summary |
No edit summary |
||
| Line 3: | Line 3: | ||
;normal:Enables all supported versions and ciphers. Most recent versions and most secure ciphers have priority. | ;normal:Enables all supported versions and ciphers. Most recent versions and most secure ciphers have priority. | ||
;fast:Enables all supported versions and ciphers. The fastest ciphers have priority. Note that they provide less security. | ;fast:Enables all supported versions and ciphers. The fastest ciphers have priority. Note that they provide less security. | ||
; | ;high security:Disables all except the most recent TLS version and disables older ciphers. Note that this setting might cause compatibility issues. | ||
;strict:Disables all except the most recent TLS version and disables all except the most modern ciphers. Note that this setting might cause compatibility issues. | |||
;experimental:This profile is used for testing of new features. The configured parameters are subject to change without notice. So it should not be used in productive environments. | |||
For details see [[Howto:Security_works_with_innovaphone#Additional_Security_Features_in_Version_13r1]] | |||
==Disable persistent ticket storage== | |||
If this checkmark is set, TLS 1.3 session tickets are not stored persistently in the VARS. So they are not preserved when the device is restarted. | |||
(only applies for the TLS profile (experimental) | |||
Revision as of 15:50, 14 December 2021
Profile
Allows configuring different selections and priorities of TLS versions and cipher suites.
- normal
- Enables all supported versions and ciphers. Most recent versions and most secure ciphers have priority.
- fast
- Enables all supported versions and ciphers. The fastest ciphers have priority. Note that they provide less security.
- high security
- Disables all except the most recent TLS version and disables older ciphers. Note that this setting might cause compatibility issues.
- strict
- Disables all except the most recent TLS version and disables all except the most modern ciphers. Note that this setting might cause compatibility issues.
- experimental
- This profile is used for testing of new features. The configured parameters are subject to change without notice. So it should not be used in productive environments.
For details see Howto:Security_works_with_innovaphone#Additional_Security_Features_in_Version_13r1
Disable persistent ticket storage
If this checkmark is set, TLS 1.3 session tickets are not stored persistently in the VARS. So they are not preserved when the device is restarted.
(only applies for the TLS profile (experimental)