30335: How Does TLS Cipher Suite Selection Affect z/OS Performance
As a z/OS network security administrator you’ve been asked to increase the
security level of your TLS definitions. But when you switched your TLS_
RSA_WITH_AES_256_GCM_SHA384 cipher suite to TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,
your CPU consumption went through the roof! So what does it mean to move from
RSA key exchange to DHE? Or ECDHE? And what about ECDSA certificates vs. RSA?