ISO Position Paper
Position Title: Data Transmission and Encryption Standards
Position Audience: Princeton IT Professionals
Contact: Information Security Office: [email protected]
Position Release Date: November 2018
Updated: January 18, 2024
Problem Statement
Data transmission and encryption standards continue to evolve as new weaknesses and vulnerabilities
are discovered. Devices that are not properly maintained could lead to exploitation by bad actors and, as
a result, could put Princeton University information at risk.
ISO Position
All University servers and devices including development, QA, and production, should be configured
using the latest recommended standards. These standards include the following:
- a current SHA2 certificate issued by the University certificate service
- use of TLS 1.2 and above
- strong ciphers
- no use of SSL 2.0, SSL 3.0, or TLS 1.0
Additional Information
Certificates: How to request a digital certificate for a web server at Princeton University
InCommon Certificate Use for SSL/TLS position paper
Self-signed Certificates position paper
Data classification: Public