"TransportSecurity – TLS 1.2" Profile

 Description This Facet defines a transport security for configurations with high security needs. It makes use of TLS 1.2 and uses TLS_RSA_WITH_AES_256_CBC_SHA256. As computing power increases, security algorithms are expected to expire. NIST provides guidelines for expected expiration dates for individual algorithms. These guidelines provide recommended dates at which the algorithm should be replaced or upgraded to a more secure algorithm. They do not indicate a failure of the algorithm. NIST has no recommendations for this TransportSecurity. It is recommended that Servers and Clients support all security profiles and developers provide the recommended profile as a default. It is up to an administrator to configure the actual exposed TransportSecurity Profiles.
 URI http://opcfoundation.org/UA-Profile/TransportSecurity/TLS-1-2

This page lists the conformance units of the selected profile with their name and description.
Conformance units that are inherited via included Profiles are not listed by default. Use the following radio buttons to change this default behaviour.

Include  Name Opt.  Description  From Profile
Security TLS_RSA with AES_256_CBC_SHA256 The connection is established using TLS_RSA_WITH_AES_256_CBC_SHA256. That has a MinAsymmetricKeyLength – 2048, MaxAsymmetricKeyLength – 4096, AsymmetricSignatureAlgorithm – RSA_SHA256. (TLS 1.2)