From 88dd3685a75556c5b8d7c798e2110ae175bb3a4d Mon Sep 17 00:00:00 2001 From: Tyler Perkins Date: Wed, 12 Jan 2022 01:30:01 -0500 Subject: [PATCH] Update for 12-01-22 01:30 --- tech/cia-do-dont.wiki | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/tech/cia-do-dont.wiki b/tech/cia-do-dont.wiki index 0236e60..fa62e38 100644 --- a/tech/cia-do-dont.wiki +++ b/tech/cia-do-dont.wiki @@ -83,3 +83,8 @@ This is the CIA list of dos and donts. referes to the inner cryptosctream which may be masked by HTTPS, this doesn no apply to the outer stream * Tools must support unique certs and CAs for network auth for each deployment +* Integrity must be provided HMAC with a key size of 256 bits +* Confidentiality must be provided by AES with minimum key size of 256 bits. + The cipher must be operated in Galois/Counter Mode, Counter Mode, or Chipher + Block Chaining +* Messages *must* come with a digest