TLS Security Profiles


Two new Secure Connection profiles are added to make DICOM consistent with the latest RFCs and best practices for TLS security.

A BCP195 TLS Profile that requires compliance with the IETF BCP 195 Recommendations for Secure Use of Transport Layer Security (TLS) and Datagram Transport Layer Security (DTLS). This profile requires that TLS negotiation start with the strong security protection parameters, and allows progressive negotiation of weaker protection down to a minimum protection limit.

A Non-Downgrading BCP195 TLS Profile that does not permit negotiation of weaker protections.

The old Basic TLS Secure Transport Connection Profile is retired.