Update for 12-01-22 01:00

2022-01-12 01:00:01 -05:00 · 2022-01-12 01:00:01 -05:00 · ed51a092c7
commit ed51a092c7
parent 5d1e36f924
1 changed files with 2 additions and 0 deletions
--- a/tech/cia-do-dont.wiki
+++ b/tech/cia-do-dont.wiki
@ -77,3 +77,5 @@ This is the CIA list of dos and donts.
  - DH and ECDH is prefered for perfect forward security
 * Authentication *must* be done with TLS 1.2, Elliptic curve DSA, DSA, or RSA 
  - Asymmetric keys *must* be at least 2048 bits (Elliptic curve, 256 bits)
+* Authentication via TLS 1.2 *must* include the use of certs by both parties
+* Authentication via TLS 1.2 *must* validate the cert