Skip to content

Audit TLSAudit #3

@duplys

Description

@duplys

Hello @rolandschmitz67 ,

in lib/checker.sh, we have the list of weak and insecure TLS configuration options (lines 34 to 48). Is there something missing in your opinion? Moreover, shall the setting "ssl_early_data:on" be classified as "weak" or should we change it to "insecure"? Recall that, as described in DESIGN.md, we have 3 types for TLS settings: secure, weak and insecure. So, "weak" is less critical than "insecure".

Metadata

Metadata

Labels

No labels
No labels

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions