SID-TRANS-01 — TLS 1.2+ Minimum with Configurable Version
| Property | Value |
|---|---|
| Owner | platform |
| Category | technical |
| CSF Function | protect |
| Group | Transport Security Controls |
Description
TLS minimum version configurable (default 1.2, option for 1.3). Applied to all server listeners. CORS middleware with origin allowlisting and wildcard rejection when credentials enabled.
Components
- Wallet Backend (Go)
- Reverse Proxy / TLS
Source References
Framework Requirements
EUDI Security Requirements: WIN-8.4.1-Sec-06, WIN-8.4.3-Sec-10
FitCEM Wallet Instance: FIT-AU-19, FIT-DC-01
ISO 27001 Annex A: A.5.14, A.8.20, A.8.21
OWASP ASVS 4.0.3 Level 3: V1.9, V9.1, V9.2
STRIDE Threat Model: WB-T-1, WB-S-4, VC-S-2, VC-T-1, TR-S-2, CC-S-1