From ed51a092c7599d4e351aee4e6e48e31f9a95aba8 Mon Sep 17 00:00:00 2001 From: Tyler Perkins Date: Wed, 12 Jan 2022 01:00:01 -0500 Subject: [PATCH] Update for 12-01-22 01:00 --- tech/cia-do-dont.wiki | 2 ++ 1 file changed, 2 insertions(+) diff --git a/tech/cia-do-dont.wiki b/tech/cia-do-dont.wiki index 3b67f40..6f466f1 100644 --- a/tech/cia-do-dont.wiki +++ b/tech/cia-do-dont.wiki @@ -77,3 +77,5 @@ This is the CIA list of dos and donts. - DH and ECDH is prefered for perfect forward security * Authentication *must* be done with TLS 1.2, Elliptic curve DSA, DSA, or RSA - Asymmetric keys *must* be at least 2048 bits (Elliptic curve, 256 bits) +* Authentication via TLS 1.2 *must* include the use of certs by both parties +* Authentication via TLS 1.2 *must* validate the cert