Transaction Security Ciphers #397

Closed
DavoGiz opened this issue Aug 5, 2021 · 3 comments

DavoGiz commented Aug 5, 2021

Description

Additional Ciphers added to Transaction Security

Area Affected

Transaction Security. My question is related to https://cdr-support.zendesk.com/hc/en-us/articles/900003905546-Transaction-Security-ECDHE-Ciphers.

Can the following ciphers be added to the list of supported ciphers?

[0xC0, 0x2B] TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
[0xC0, 0x2C] TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384

The current specification is restricted to the following 4 ciphers.

TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 0x00, 0x9E
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 0xC0, 0x2F
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 0x00, 0x9F
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 0xC0, 0x30

@DavoGiz DavoGiz changed the title [Descriptive Issue Title] Transaction Security Ciphers Aug 5, 2021
@CDR-API-Stream
Collaborator

Hi @DavoGiz, cipher support is constrained via the upstream FAPI specifications and leverages the BCP195.

FAPI ID2 (Draft 06) states:

As confidential information is being exchanged, all interactions shall be encrypted with TLS (HTTPS).

Section 7.1 of Financial-grade API - Part 1: Read Only API Security Profile shall apply, with the following additional requirements:

Only the following 4 cipher suites shall be permitted:

  • TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
  • TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
  • TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
  • TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384

For the authorization_endpoint, the authorisation server MAY allow additional cipher suites that are permitted by the latest
version of [BCP195], if necessary to allow sufficient interoperability with users' web browsers.

FAPI 1.0 now states:

As confidential information is being exchanged, all interactions shall be encrypted with TLS (HTTPS).

Section 7.1 of Financial-grade API Security Profile 1.0 - Part 1: Baseline shall apply, with the following additional requirements:

For TLS versions below 1.3, only the following 4 cipher suites shall be permitted:

  • TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
  • TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
  • TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
  • TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384

For the authorization_endpoint, the authorization server MAY allow additional cipher suites that are permitted by the latest
version of BCP195, if necessary to allow sufficient interoperability with users' web browsers or are required by local
regulations. NOTE: Permitted cipher suites are those that BCP195 does not explicitly say MUST NOT use.
When using the TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 or TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 cipher suites, key lengths of at least 2048 bits are required.

Perhaps a better change to the data standards is to change the text for cipher support to simply reference section 8.5 of the FAPI Advanced Profile (Read/Write). Something like:

Cipher suites SHALL only be permitted in accordance with section 8.5 of [FAPI-RW].

This has previously been discussed in the FAPI WG with the reference to [BCP 195] and TLS 1.3 being considered.
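
The FAPI 1.0 wording quoted in the comment above can be turned into a handshake check; the following is an added example, not part of the thread or of the CDR or FAPI projects. The endpoint labels, the `review` verdict and the reading of "key lengths" as the DH group size are assumptions, and the sample observations are constructed.

```python
# Added example: check observed handshakes against the FAPI 1.0 text quoted above.
PERMITTED_BELOW_TLS13 = {
    (0x00, 0x9E): "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256",
    (0xC0, 0x2F): "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
    (0x00, 0x9F): "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384",
    (0xC0, 0x30): "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
}
MIN_DHE_BITS = 2048  # "key lengths of at least 2048 bits", read as DH group size (assumption)

def check_handshake(endpoint, tls_version, suite, dh_bits=None):
    """Return (verdict, reason); verdict is 'ok', 'review' or 'reject'.

    endpoint    -- 'authorization_endpoint' or any other label (hypothetical names)
    tls_version -- negotiated protocol version as a tuple, e.g. (1, 2)
    suite       -- (hi, lo) IANA code point of the negotiated cipher suite
    dh_bits     -- size of the server's DH group for DHE suites, if known
    """
    if tls_version >= (1, 3):
        return "ok", "the four-suite restriction applies only below TLS 1.3"
    name = PERMITTED_BELOW_TLS13.get(suite)
    if name is None:
        if endpoint == "authorization_endpoint":
            return "review", "not one of the four; MAY be allowed if BCP195 permits it"
        return "reject", "suite 0x%02X,0x%02X is not one of the four" % suite
    if name.startswith("TLS_DHE_"):
        if dh_bits is None:
            return "review", name + ": DH key length unknown"
        if dh_bits < MIN_DHE_BITS:
            return "reject", "%s: %d-bit DH is below %d" % (name, dh_bits, MIN_DHE_BITS)
    return "ok", name

def audit(observations):
    """Map each (endpoint, version, suite, dh_bits) row to (endpoint, suite, verdict)."""
    return [(o[0], o[2], check_handshake(*o)[0]) for o in observations]

# Constructed sample observations, not taken from any real scan.
SAMPLE = [
    ("resource", (1, 2), (0xC0, 0x2F), None),
    ("resource", (1, 2), (0xC0, 0x2B), None),   # ECDSA suite asked about in the issue
    ("authorization_endpoint", (1, 2), (0xC0, 0x2C), None),
    ("resource", (1, 2), (0x00, 0x9E), 1024),   # DHE with an undersized group
    ("resource", (1, 2), (0x00, 0x9F), 2048),
    ("resource", (1, 3), (0x13, 0x01), None),   # TLS 1.3 handshake
]

if __name__ == "__main__":
    for row in SAMPLE:
        print(row[0], "0x%02X,0x%02X" % row[2], *check_handshake(*row))
```
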

@CDR-API-Stream
Collaborator

This issue was discussed in the 9th maintenance iteration call. The proposed wording update (above) to defer to the FAPI 1.0 specification will be accommodated in the migration to FAPI 1.0 consulted under Decision Proposal 209. Deferring to section 8.5 of FAPI ID2 would not achieve the intended outcome and the preference is not to backport text from FAPI 1.0 into the current CDS InfoSec profile.

@CDR-API-Stream
Collaborator

DP209 changes were incorporated into release v1.15.0. Refer to Decision 209 for further details.
