rimball wiki

User Tools

Site Tools

Trace: debootstrap
notes:tls

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
notes:tls [2024/01/09 22:16] davidnotes:tls [2024/04/09 21:33] (current) david
Line 5: Line 5:
 [[https://nabla-c0d3.github.io/sslyze/documentation/| SSLyze]] [[https://nabla-c0d3.github.io/sslyze/documentation/| SSLyze]]
  
 +=== Certificate order ===
 +leaf certificate followed by intermediaries and root, see "certificate_list" in section 7.4.2 below.\\
 [[https://www.rfc-editor.org/rfc/rfc5246|RFC 5246]] [[https://www.rfc-editor.org/rfc/rfc5246|RFC 5246]]
 [[https://www.rfc-editor.org/rfc/rfc5246#section-7.4.2 |  7.4.2 Server Certificate ]] [[https://www.rfc-editor.org/rfc/rfc5246#section-7.4.2 |  7.4.2 Server Certificate ]]
  
-Certificate order - server certificate followed by intermediaries and root+
  
 [[https://www.rfc-editor.org/rfc/rfc5280| RFC 5280 ]] Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile [[https://www.rfc-editor.org/rfc/rfc5280| RFC 5280 ]] Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile
Line 35: Line 37:
  
  
-=== Certificate management ===+==== Certificate management ====
  
 https://www.nccoe.nist.gov/tls-server-certificate-management https://www.nccoe.nist.gov/tls-server-certificate-management
  
 NIST SP 800-131A Rev. 2 NIST SP 800-131A Rev. 2
 +
 Transitioning the Use of Cryptographic Algorithms and Key Lengths Transitioning the Use of Cryptographic Algorithms and Key Lengths
 +
 https://csrc.nist.gov/pubs/sp/800/131/a/r2/final https://csrc.nist.gov/pubs/sp/800/131/a/r2/final
  
  
-Recommendation for +Recommendation for Key Management: \\ 
-Key Management: +Part 2 - Best Practices for Key Management Organizations \\
-Part 2 - Best Practices for +
-Key Management Organizations+
 https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-57pt2r1.pdf https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-57pt2r1.pdf
  
Line 55: Line 57:
 https://cabforum.org/documents/ https://cabforum.org/documents/
  
-RFC 9325 +RFC 9325\\ 
-Recommendations for Secure Use of Transport Layer +Recommendations for Secure Use of Transport Layer\\ 
-Security (TLS) and Datagram Transport Layer +Security (TLS) and Datagram Transport LayerSecurity (DTLS)
-Security (DTLS+
  
 RFC-8446 - The Transport Layer Security (TLS) Protocol Version 1.3  RFC-8446 - The Transport Layer Security (TLS) Protocol Version 1.3 
Line 74: Line 75:
  
  
-NIST Special Publication 800-56A +NIST Special Publication 800-56A\\ 
-Revision 3 +Revision 3\\ 
-Recommendation for Pair-Wise Key- +Recommendation for Pair-Wise Key-Establishment Schemes Using Discrete 
-Establishment Schemes Using Discrete +Logarithm Cryptography\\
-Logarithm Cryptography+
 https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-56Ar3.pdf https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-56Ar3.pdf
 +
 +===== Cipher Suites ====
 +https://ciphersuite.info/
notes/tls.1704856572.txt.gz · Last modified: by david