Skip to content

Encryption

The server MUST secure communications using at least TLS 1.2 (https).

The server SHOULD:

  • Use one of the TLS cipher suites recommended in SOP-OSD-001 Encryption in Transit and SS-OSD-006 Application Programming Interfaces (APIs)

  • Use a TLS certificate signed by a chain ending with a trusted Certificate Authority (CA)

Further reading and information

SOP-OSD-001 Encryption in Transit

SS-OSD-006 Application Programming Interfaces (APIs)