Skip to content

Commit

Permalink
Reset v9 changes as they will be handled separately
Browse files Browse the repository at this point in the history
  • Loading branch information
tghosth authored and elarlang committed Mar 17, 2024
1 parent 12fa58b commit 45f6f28
Showing 1 changed file with 4 additions and 4 deletions.
8 changes: 4 additions & 4 deletions 5.0/en/0x17-V9-Communications.md
Original file line number Diff line number Diff line change
Expand Up @@ -6,8 +6,8 @@ Ensure that a verified application meets the following high-level requirements:

* Require TLS or strong encryption, independent of the sensitivity of the content.
* Follow the latest guidance, including:
* Configuration advice
* Preferred algorithms and ciphers
* Configuration advice
* Preferred algorithms and ciphers
* Avoid weak or soon-to-be deprecated algorithms and ciphers, except as a last resort.
* Disable deprecated or known insecure algorithms and ciphers.

Expand Down Expand Up @@ -67,5 +67,5 @@ For more information, see also:

* [OWASP – TLS Cheat Sheet](https://cheatsheetseries.owasp.org/cheatsheets/Transport_Layer_Protection_Cheat_Sheet.html)
* Notes on “Approved modes of TLS”:
* In the past, the ASVS referred to the US FIPS 140 standard, but as a global standard, applying US standards can be difficult, contradictory, or confusing to apply.
* A better method of achieving compliance with section 9.1 would be to review guides such as [Mozilla's Server Side TLS](https://wiki.mozilla.org/Security/Server_Side_TLS) or [generate known good configurations](https://mozilla.github.io/server-side-tls/ssl-config-generator/), and use known and up-to-date TLS evaluation tools to obtain a desired level of security.
* In the past, the ASVS referred to the US FIPS 140 standard, but as a global standard, applying US standards can be difficult, contradictory, or confusing to apply.
* A better method of achieving compliance with section 9.1 would be to review guides such as [Mozilla's Server Side TLS](https://wiki.mozilla.org/Security/Server_Side_TLS) or [generate known good configurations](https://mozilla.github.io/server-side-tls/ssl-config-generator/), and use known and up-to-date TLS evaluation tools to obtain a desired level of security.

0 comments on commit 45f6f28

Please sign in to comment.