ISM-1370 policy ASD Information Security Manual (ISM)

Ensure Only Server-Initiated TLS Renegotiation

Only the server can start secure renegotiation for TLS connections to maintain security.


Plain language

This control means that only the server, and not the user’s computer, can start or restart a secure connection. This is crucial because if a user’s device could start this process, a hacker might trick the connection into becoming less secure, putting sensitive information at risk.

Framework

ASD Information Security Manual (ISM)

Control effect

Preventative

Classifications

NC, OS, P, S, TS

ISM last updated

Feb 2022

Control Stack last updated

19 Mar 2026

E8 maturity levels

N/A

Official control statement

Only server-initiated secure renegotiation is used for TLS connections.

Why it matters

Without server-controlled TLS renegotiation, systems face increased risk of DoS or connection hijacking, leading to potential data breaches.


Operational notes

Configure TLS to reject client-initiated renegotiation and allow only server-initiated secure renegotiation; verify with TLS scanners after changes.


Implementation tips

  • The IT team should configure all servers to control how secure connections start. They can adjust server settings to make sure only the server can initiate these connections by checking options in the server's security settings.
  • System administrators should verify that software updates for servers are applied to keep security settings up to date. Regularly apply patches and updates to fix any potential security holes that could let others control connections.
  • IT professionals should use testing tools to simulate server-initiated and non-server-initiated connection attempts. This will help identify whether the current server settings correctly allow only the server to start secure connections.
  • Security personnel should create a network policy that clearly states the server's role in initiating TLS renegotiation. Distribute this policy among the IT team to ensure consistent understanding and application.
  • Managers should organise training sessions for the IT team on the importance of server-initiated secure connections. These sessions can help reinforce best practices in maintaining secure communication over the network.
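As an added example (not part of the ISM or of this page), a small Python check that evaluates TLS scanner output against this control. It assumes findings in the JSON shape testssl.sh writes with --jsonfile (one object per check with "id", "severity" and "finding"); the check ids secure_renego and secure_client_renego are an assumption about that tool's naming, and the sample scan is constructed.

```python
"""Evaluate TLS scanner findings against ISM-1370 (server-initiated
renegotiation only). Added example; not ISM or Control Stack code."""
import json

# Constructed sample scan (not real hosts): web1 is compliant, web2 still
# accepts client-initiated renegotiation. Ids follow testssl.sh naming
# (assumption): secure_renego = RFC 5746 support, secure_client_renego =
# whether the server honours renegotiation requested by the client.
SAMPLE_SCAN = json.dumps([
    {"ip": "web1/203.0.113.10", "port": "443", "id": "secure_renego",
     "severity": "OK", "finding": "supported"},
    {"ip": "web1/203.0.113.10", "port": "443", "id": "secure_client_renego",
     "severity": "OK", "finding": "not vulnerable"},
    {"ip": "web2/203.0.113.11", "port": "443", "id": "secure_renego",
     "severity": "OK", "finding": "supported"},
    {"ip": "web2/203.0.113.11", "port": "443", "id": "secure_client_renego",
     "severity": "HIGH", "finding": "VULNERABLE, DoS threat"},
])


def assess_renegotiation(scan_json: str) -> dict:
    """Return {host: verdict}; verdict is 'compliant', 'non-compliant' or
    'inconclusive' (one of the two checks is missing from the output)."""
    by_host = {}
    for rec in json.loads(scan_json):
        host = f'{rec["ip"]}:{rec["port"]}'
        by_host.setdefault(host, {})[rec["id"]] = rec
    verdicts = {}
    for host, checks in by_host.items():
        rfc5746 = checks.get("secure_renego")
        client = checks.get("secure_client_renego")
        if rfc5746 is None or client is None:
            verdicts[host] = "inconclusive"
            continue
        # Compliant only when secure (RFC 5746) renegotiation is supported
        # AND the server refuses renegotiation initiated by the client.
        ok = rfc5746["severity"] == "OK" and client["severity"] == "OK"
        verdicts[host] = "compliant" if ok else "non-compliant"
    return verdicts


if __name__ == "__main__":
    for host, verdict in assess_renegotiation(SAMPLE_SCAN).items():
        print(f"{host}: {verdict}")
```

Feed a real scan's JSON file to assess_renegotiation to produce the per-host evidence the audit tips below ask for; an "inconclusive" result means the scan did not run both checks and should be repeated.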

Audit / evidence tips

  • Ask: The server configuration documentation. Request the server settings that specify who can initiate secure connections. Good: Will show settings or scripts that enforce this rule.
  • Ask: The network policy documents. Review policies regarding TLS connection management.
  • Ask: Logs or records of a recent security check. Check whether the IT team has logged and reviewed connection attempts to ensure they follow the protocol. Good: Will have a log showing attempts were made and correctly controlled by the server.
  • Ask: To see recent server update and patch records. Verify that servers have been updated to close any known security risks tied to connection initiation vulnerabilities. Good: Records will show regular updates and patches applied.
  • Ask: Training records. Request evidence of recent training conducted for IT staff on server security settings, and confirm that it covers server-initiated connections. Good: A dated attendance list and reviewed training materials.

Cross-framework mappings

How ISM-1370 relates to controls across ISO/IEC 27001, ISO/IEC 42001, Essential Eight, and ASD ISM.

ISO 27001

Mapping type: Partially meets (1)
Control: Annex A 8.24
Notes: ISM-1370 requires TLS connections to permit only server-initiated secure renegotiation, reducing exposure to renegotiation-related weakne...

These mappings show relationships between controls across frameworks. They do not imply full equivalence or certification.
