For TLS, Diffie Hellman groups according to the table below must be used.
User roles: Operation, Development, Integration
The Diffie Hellman groups is used for key exchange with Perfect Forward Secrecy (PFS). Generally, a distinction is made between elliptic curve groups and finite field groups (mod p).
The following table contains the allowed Diffie Hellman groups for use in TLS
| Diffie Hellman group | IANA-No. | Referenzspezifikation |
| brainpoolP512r1 | 33 | RFC 7027 |
| secp521r1 | 25 | RFC 8422 |
| brainpoolP384r1 | 27 | RFC 7027 |
| secp384r1 | 24 | RFC 8422 |
| brainpoolP256r1 | 26 | RFC 7027 |
| secp256r1 | 23 | RFC 8422 |
| ffdhe4096 | 258 | RFC 7919 |
| ffdhe3072 | 257 | RFC 7919 |
Remark on group 256:
Diffie Hellman group 256 (IANA-No.256) has a ley length of 2048 bit [1] and may only be used in legacy systems until the end of the year 2022. The group must be substituted by a stronger method (according to the enumeration above).
Please specify IFS compliance