802
edits
Changes
Jump to navigation
Jump to search
Line 60:
Line 60: − + Line 149:
Line 149: − Line 285:
Line 284: + + + + Line 310:
Line 313: + − + +
GC HTTPS Web Server Config (view source)
Revision as of 11:24, 30 September 2019
, 11:24, 30 September 2019no edit summary
! Full ITSP.40.111 Cipher Suites
! Full ITSP.40.111 Cipher Suites
! Modified ITSP 40.111 Cipher Suites
! Modified ITSP 40.111 Cipher Suites
! Target Cipher Suites (<span style="color:red;">NEW:</span> 05/31/19)
! Target Cipher Suites (Publication Pending)
|- style="vertical-align:top;"
|- style="vertical-align:top;"
|
|
|
|
Recommended and prioritized (TLS 1.3):
Recommended and prioritized (TLS 1.3):
* TLS_AES_256_GCM_SHA384 (5)
* TLS_AES_256_GCM_SHA384 (5)
For a complete list of major differences, see the [https://tools.ietf.org/html/draft-ietf-tls-tls13-28 Transport Layer Security (TLS) Protocol Version 1.3 specification], section 1.3.
For a complete list of major differences, see the [https://tools.ietf.org/html/draft-ietf-tls-tls13-28 Transport Layer Security (TLS) Protocol Version 1.3 specification], section 1.3.
<br /><br />
<br /><br />
=== Web Server Configuration Templates ===
For example templates of popular Web Server Configurations [[GC HTTPS Everywhere - Web Server Configurations|click here]]!
* [https://wiki.mozilla.org/Security/Server_Side_TLS#Modern_compatibility Mozilla Security/Server Side TLS]
* [https://wiki.mozilla.org/Security/Server_Side_TLS#Modern_compatibility Mozilla Security/Server Side TLS]
* [https://infosec.mozilla.org/guidelines/web_security Mozilla web security general reference]
* [https://infosec.mozilla.org/guidelines/web_security Mozilla web security general reference]
* [https://docs.microsoft.com/en-us/dotnet/framework/network-programming/tls Transport Layer Security (TLS) best practices with the .NET Framework]
In Mozilla’s advice on Server Side TLS, several TLS configurations are described (‘Modern’, ‘Intermediate’, and ‘Old’) that refer to some of the 'best' security settings possible, depending on the versions of the browsers that need to be supported. Supporting the ‘Old’ profile is risky and should be avoided, as it would mean supporting the insecure SSL protocol.
In Mozilla’s advice on Server Side TLS, several TLS configurations are described (‘Modern’, ‘Intermediate’, and ‘Old’) that refer to some of the 'best' security settings possible, depending on the versions of the browsers that need to be supported. Supporting the ‘Old’ profile is risky and should be avoided, as it would mean supporting the insecure SSL protocol.
<br>
<references />
