When information is transmitted over communication networks, there is a risk of information being intercepted or tampered with by unauthorised persons. To ensure the confidentiality and the integrity of the information, appropriate measures must be taken for the protection of these transmissions.

One possible measure here is the use of the Transport Layer Security (TLS) protocol. Effective protection is achieved by ensuring the use of the latest, secure version of this protocol with the correct configuration. This BSI minimum standard therefore defines specifications for the Federal Administration for the correct use of TLS.

Update May 2023: The minimum standard has been updated to version 2.4. The adjustments made are listed in the change history for the minimum standard for the use of Transport Layer Security (TLS). At the same time, the help document and the reference table were updated. The adjustments took into account the current versions of the relevant BSI technical guidelines (TR-02102-2 and TR-03116-4) and the current version of the IT-Grundschutz Compendium (Edition 2023). The minimum standard, the help document and the reference table are available for download. Older versions of these documents are available in the archive.

Download minimum standard (only available in German)

Mindeststandard des BSI nach § 8 Abs. 1 Satz 1 BSIG zur Verwendung von Transport Layer Security (TLS) Version 2.4

Download help document (only available in German)

Hilfsdokument zum „Mindeststandard des BSI zur Verwendung von Transport Layer Security (TLS)"

Download reference table TLS minimum standard version 2.4 and IT-Grundschutz version 2023 (only available in German)

IT-Grundschutz-Referenztabelle zum Mindeststandard des BSI nach § 8 Abs. 1 Satz 1 BSIG zur Verwendung von Transport Layer Security (TLS) Version 2.4 (IT-Grundschutz-Kompendium – Edition 2023)