tyler/vimwiki
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Update for 12-01-22 01:15

Browse Source
This commit is contained in:
Tyler Perkins 2022-01-12 01:15:01 -05:00
parent ed51a092c7
commit f6fbc391de
1 changed files with 5 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
tech/cia-do-dont.wiki
View File

@ -78,4 +78,8 @@ This is the CIA list of dos and donts.
* Authentication *must* be done with TLS 1.2, Elliptic curve DSA, DSA, or RSA * Authentication *must* be done with TLS 1.2, Elliptic curve DSA, DSA, or RSA
- Asymmetric keys *must* be at least 2048 bits (Elliptic curve, 256 bits) - Asymmetric keys *must* be at least 2048 bits (Elliptic curve, 256 bits)
* Authentication via TLS 1.2 *must* include the use of certs by both parties * Authentication via TLS 1.2 *must* include the use of certs by both parties
* Authentication via TLS 1.2 *must* validate the cert * Authentication via TLS 1.2 *must* validate the cert utlized by both parties.
If the cert is invalid, they should terminate the connection. This guidance
referes to the inner cryptosctream which may be masked by HTTPS, this doesn
no apply to the outer stream
* Tools must support unique certs and CAs for network auth for each deployment