RFC 9151

Commercial National Security Algorithm (CNSA) Suite Profile for TLS and DTLS 1.2 and 1.3, April 2022

File formats:

icon for HTML icon for text file icon for v3pdf icon for XML icon for inline errata
Also available: XML file for editing
D. Cooley

Cite this RFC: TXT  |  XML  |   BibTeX

DOI:  https://doi.org/10.17487/RFC9151

Discuss this RFC: Send questions or comments to the mailing list rfc-ise@rfc-editor.org

Other actions: View Errata  |  Submit Errata  |  Find IPR Disclosures from the IETF  |  View History of RFC 9151


This document defines a base profile for TLS protocol versions 1.2 and 1.3 as well as DTLS protocol versions 1.2 and 1.3 for use with the US Commercial National Security Algorithm (CNSA) Suite.

The profile applies to the capabilities, configuration, and operation of all components of US National Security Systems that use TLS or DTLS. It is also appropriate for all other US Government systems that process high-value information.

The profile is made publicly available here for use by developers and operators of these and any other system deployments.

For the definition of Status, see RFC 2026.

For the definition of Stream, see RFC 8729.

Advanced Search