Skip to content

Commit

Permalink
Removing link to pinning guidance
Browse files Browse the repository at this point in the history
  • Loading branch information
tghosth authored and elarlang committed Jan 2, 2024
1 parent 363297e commit ccc4f38
Showing 1 changed file with 0 additions and 1 deletion.
1 change: 0 additions & 1 deletion 5.0/en/0x17-V9-Communications.md
Original file line number Diff line number Diff line change
Expand Up @@ -66,7 +66,6 @@ Use secure TLS configuration and use up to date tools to review the configuratio
For more information, see also:

* [OWASP – TLS Cheat Sheet](https://cheatsheetseries.owasp.org/cheatsheets/Transport_Layer_Protection_Cheat_Sheet.html)
* [OWASP – Pinning Guide](https://owasp.org/www-community/controls/Certificate_and_Public_Key_Pinning)
* Notes on “Approved modes of TLS”:
* In the past, the ASVS referred to the US FIPS 140 standard, but as a global standard, applying US standards can be difficult, contradictory, or confusing to apply.
* A better method of achieving compliance with section 9.1 would be to review guides such as [Mozilla's Server Side TLS](https://wiki.mozilla.org/Security/Server_Side_TLS) or [generate known good configurations](https://mozilla.github.io/server-side-tls/ssl-config-generator/), and use known and up to date TLS evaluation tools to obtain a desired level of security.

0 comments on commit ccc4f38

Please sign in to comment.