TLS Protocol and Cipher Suites

The Transport Layer Security (TLS) protocol is an established method for ensuring private, trustworthy, and reliable communication between computer programs over a network. Programs that communicate over HTTPS use TLS to encrypt the connection. Before exchanging data, the two computers agree on which cipher to use, authenticate each other, and select a method to ensure reliable communication. This exchange is known as the TLS handshake.

Each new version of the TLS protocol enhances these qualities. TLS 1.2 is the version currently supported for use in OpenAir. All inbound and outbound secure communication must use TLS 1.2.

Supported Cipher Suites

OpenAir currently supports the following cipher suites:

  • DHE-RSA-AES128-GCM-SHA256

  • DHE-RSA-AES256-GCM-SHA384

  • ECDHE-ECDSA-AES128-GCM-SHA256

  • ECDHE-ECDSA-AES256-GCM-SHA384

  • ECDHE-RSA-AES128-GCM-SHA256

  • ECDHE-RSA-AES256-GCM-SHA384

Important:

The list of supported ciphers is subject to change at any time. It is your responsibility to be aligned with the highest possible level of security available in the industry. This applies to:

  • Browser access — Users should update to the latest browser and OS versions to ensure they are using up-to-date ciphers.

  • Integration client access — IT/technical teams need to ensure that connections from any integration tools have supported ciphers enabled.
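
For integration clients, one way to check the requirement above is to build a client context restricted to TLS 1.2 and the listed suites, then see which of them the local TLS library can offer. This is an added example, not OpenAir's own code; the function names are hypothetical, and the host passed to `negotiate()` is supplied by the caller.

```python
import socket
import ssl

# OpenSSL names of the cipher suites listed on this page.
SUPPORTED_SUITES = (
    "DHE-RSA-AES128-GCM-SHA256",
    "DHE-RSA-AES256-GCM-SHA384",
    "ECDHE-ECDSA-AES128-GCM-SHA256",
    "ECDHE-ECDSA-AES256-GCM-SHA384",
    "ECDHE-RSA-AES128-GCM-SHA256",
    "ECDHE-RSA-AES256-GCM-SHA384",
)

def build_tls12_context(suites=SUPPORTED_SUITES):
    """Client context that offers only TLS 1.2 and only the listed suites."""
    ctx = ssl.create_default_context()  # certificate and hostname checks stay on
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    ctx.maximum_version = ssl.TLSVersion.TLSv1_2
    # Raises ssl.SSLError if the local TLS library has none of these suites.
    ctx.set_ciphers(":".join(suites))
    return ctx

def locally_available(ctx, suites=SUPPORTED_SUITES):
    """Split the listed suites into those this client can offer and those it cannot."""
    offered = {c["name"] for c in ctx.get_ciphers()}
    enabled = [s for s in suites if s in offered]
    missing = [s for s in suites if s not in offered]
    return enabled, missing

def is_compliant(version, cipher_name, suites=SUPPORTED_SUITES):
    """Check a negotiated session: SSLSocket.version() and SSLSocket.cipher()[0]."""
    return version == "TLSv1.2" and cipher_name in suites

def negotiate(host, port=443, timeout=10):
    """Handshake with `host` (caller supplies it); return (version, cipher name)."""
    ctx = build_tls12_context()
    with socket.create_connection((host, port), timeout=timeout) as raw:
        with ctx.wrap_socket(raw, server_hostname=host) as tls:
            return tls.version(), tls.cipher()[0]

if __name__ == "__main__":
    enabled, missing = locally_available(build_tls12_context())
    print("can offer:", enabled)
    print("not available in local TLS library:", missing)
    # Constructed sample values of the kind negotiate() returns.
    print(is_compliant("TLSv1.2", "ECDHE-RSA-AES256-GCM-SHA384"))
    print(is_compliant("TLSv1.2", "ECDHE-RSA-AES128-SHA"))
```

A non-empty `missing` list means the client's TLS library or policy has disabled some of the listed suites; the connection still works as long as at least one listed suite remains enabled on the client.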