Transport layer protection

If your client is calling Oracle InForm Adapter web services that are hosted by Oracle, you must use Transport Layer Security (TLS) 1.1 or above to avoid man-in-the-middle attacks. In general, it is more secure to use TLS 1.2 for any client calling the Oracle InForm Adapter web services. Web client developers should enforce encrypted data transport when the application transports sensitive data and should validate that all certificates are legitimate and signed by public authorities.

Ciphers should be restricted to modern implementations.