-
Notifications
You must be signed in to change notification settings - Fork 0
/
IIS_Crypto_BSI_TR02102-2.ictpl
71 lines (70 loc) · 3.67 KB
/
IIS_Crypto_BSI_TR02102-2.ictpl
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
<?xml version="1.0" encoding="utf-8"?>
<iisCryptoTemplate version="3">
<header>
<name>BSI TR-02102-2 (2023-01)</name>
<author>Lars Winkler</author>
<lastUpdated>2023-07-28T15:17:14.4418215Z</lastUpdated>
<description>Technische Richtlinie TR-02102-2
Kryptographische Verfahren:
Empfehlungen und Schlüssellängen
Teil 2 – Verwendung von Transport Layer Security (TLS)
Version 2023-01</description>
<builtIn>false</builtIn>
</header>
<schannel>
<clientProtocols>
<templateItem name="Multi-Protocol Unified Hello" value="0" />
<templateItem name="PCT 1.0" value="0" />
<templateItem name="SSL 2.0" value="0" />
<templateItem name="SSL 3.0" value="0" />
<templateItem name="TLS 1.0" value="0" />
<templateItem name="TLS 1.1" value="0" />
<templateItem name="TLS 1.2" value="-1" />
<templateItem name="TLS 1.3" value="-1" minimumOSVersion="Windows2022" />
</clientProtocols>
<serverProtocols>
<templateItem name="Multi-Protocol Unified Hello" value="0" />
<templateItem name="PCT 1.0" value="0" />
<templateItem name="SSL 2.0" value="0" />
<templateItem name="SSL 3.0" value="0" />
<templateItem name="TLS 1.0" value="0" />
<templateItem name="TLS 1.1" value="0" />
<templateItem name="TLS 1.2" value="-1" />
<templateItem name="TLS 1.3" value="-1" minimumOSVersion="Windows2022" />
</serverProtocols>
<ciphers>
<templateItem name="NULL" value="0" />
<templateItem name="DES 56/56" value="0" />
<templateItem name="RC2 40/128" value="0" />
<templateItem name="RC2 56/128" value="0" />
<templateItem name="RC2 128/128" value="0" />
<templateItem name="RC4 40/128" value="0" />
<templateItem name="RC4 56/128" value="0" />
<templateItem name="RC4 64/128" value="0" />
<templateItem name="RC4 128/128" value="0" />
<templateItem name="Triple DES 168" value="0" />
<templateItem name="AES 128/128" value="-1" />
<templateItem name="AES 256/256" value="-1" />
</ciphers>
<hashes>
<templateItem name="MD5" value="0" />
<templateItem name="SHA" value="0" />
<templateItem name="SHA 256" value="-1" />
<templateItem name="SHA 384" value="-1" />
<templateItem name="SHA 512" value="-1" />
</hashes>
<keyExchanges>
<templateItem name="Diffie-Hellman" value="-1" />
<templateItem name="PKCS" value="0" />
<templateItem name="ECDH" value="-1" />
</keyExchanges>
</schannel>
<advanced>
<templateItem name="Override Enabled" value="0" />
<templateItem name="DHE Minimum Key Length" value="2048" />
<templateItem name="FIPS Algorithm Policy" value="0" />
</advanced>
<cipherSuites>
<templateItem name="Configured Cipher Suites" value="TLS_AES_128_GCM_SHA256,TLS_AES_256_GCM_SHA384,TLS_AES_128_CCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_AES_128_CCM,TLS_ECDHE_ECDSA_WITH_AES_256_CCM,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_DHE_DSS_WITH_AES_128_CBC_SHA256,TLS_DHE_DSS_WITH_AES_256_CBC_SHA256,TLS_DHE_DSS_WITH_AES_128_GCM_SHA256,TLS_DHE_DSS_WITH_AES_256_GCM_SHA384,TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,TLS_DHE_RSA_WITH_AES_128_CCM,TLS_DHE_RSA_WITH_AES_256_CCM" minimumOSVersion="Windows2022" />
</cipherSuites>
</iisCryptoTemplate>