Commercial National Security Algorithm Suite Profile for TLS and DTLS 1.2 and 1.3
RFC 9151, “Commercial National Security Algorithm Suite Profile for TLS and DTLS 1.2 and 1.3”, is an Informational document published in April 2022 by D. Cooley. The canonical text is published by the RFC Editor.
Abstract
This document defines a base profile for TLS protocol versions 1.2 and 1.3 as well as DTLS protocol versions 1.2 and 1.3 for use with the US Commercial National Security Algorithm (CNSA) Suite.
The profile applies to the capabilities, configuration, and operation of all components of US National Security Systems that use TLS or DTLS. It is also appropriate for all other US Government systems that process high-value information.
The profile is made publicly available here for use by developers and operators of these and any other system deployments.
What “Informational” means
Published for the general information of the community. It does not define an IETF standard and carries no standards-track status.
The canonical text of RFC 9151 is hosted at rfc-editor.org. Available in HTML,TXT,PDF,XML.
- RFC 9150 TLS 1.3 Authentication and Integrity-Only Cipher Suites
- RFC 9152 Secure Object Delivery Protocol Server Interfaces: NSA's Profile for Delivery of Certificates, Certificate Revocation Lists , and Symmetric Keys to Clients
- RFC 9149 TLS Ticket Requests
- RFC 9153 Drone Remote Identification Protocol Requirements and Terminology
- RFC 9148 EST-coaps: Enrollment over Secure Transport with the Secure Constrained Application Protocol
- RFC 9147 The Datagram Transport Layer Security Protocol Version 1.3
- RFC 9146 Connection Identifier for DTLS 1.2
- RFC 9143 Negotiating Media Multiplexing Using the Session Description Protocol