Update for 12-01-22 00:45
parent d4e4b26b3b
commit 5d1e36f924
@ -67,3 +67,13 @@ This is the CIA list of dos and donts.
|
|||||||
* DONOT assume free versions of PSP is the same as retail PSP. Test on all
|
* DONOT assume free versions of PSP is the same as retail PSP. Test on all
|
||||||
versions in a sandbox
|
versions in a sandbox
|
||||||
* DO test PSPs with recently live internet connections when possible
|
* DO test PSPs with recently live internet connections when possible
|
||||||
|
|
||||||
|
== Encryption ==
|
||||||
|
|
||||||
|
* Key exchange *must* be performed via Diffie-Hellman, Eliptic Curve
|
||||||
|
Diffie-Helmen, or RSA.
|
||||||
|
- ECDH, the prime must be 256 bits
|
||||||
|
- DH and RSA primes must be *at least* 2048 bits
|
||||||
|
- DH and ECDH is prefered for perfect forward security
|
||||||
|
* Authentication *must* be done with TLS 1.2, Elliptic curve DSA, DSA, or RSA
|
||||||
|
- Asymmetric keys *must* be at least 2048 bits (Elliptic curve, 256 bits)
|
||||||
|
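Review bot: The size rules in the key exchange sub-bullets of the new Encryption section are imprecise and should be reworded. "DH and RSA primes must be *at least* 2048 bits" fits the DH prime, but for RSA the 2048-bit figure is normally the modulus, whose two primes are each about half that length, so "DH prime and RSA modulus" would be accurate. "ECDH, the prime must be 256 bits" lacks the "at least" used on the following line, which leaves it unclear whether larger curves are permitted. The authentication bullet lists TLS 1.2, a protocol, alongside ECDSA, DSA and RSA, which are signature algorithms; it should say which is required in which role and whether later TLS versions qualify. Spelling to fix in the same lines: "Eliptic", "Diffie-Helmen", "prefered", and "perfect forward security", which is usually written "perfect forward secrecy".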