DDC have removed two ciphers from the SSP - AES256+SHA and AES128+SHA. The spec needs updating to reflect this.
Also remove references to TLS1.0 and TLS1.1.
While TLS1.0 support will remain for a short while, while one of our consumers transition away from it, we do not want any new consumers or providers to create solutions using it.
RiChallinor
commented
6 years ago
https://nhsconnect.github.io/gpconnect/development_api_security_guidance.html
DDC have removed two ciphers from the SSP - AES256+SHA and AES128+SHA. The spec needs updating to reflect this.
Also remove references to TLS1.0 and TLS1.1.
While TLS1.0 support will remain for a short while, while one of our consumers transition away from it, we do not want any new consumers or providers to create solutions using it.