[Owasp-leaders] TLS Protection Cheat Sheet

ludovic petit ludovic.petit at owasp.org
Mon Oct 19 06:10:57 EDT 2009


Hi
Great job.

Just a comment however: in my view, it could makes sense to slightly evoke
in 1 or 2 lines the differences between SSL and TLS, this to avoid any
misunderstanding / misconfiguration.
Indeed (and as you know), lots of people are thinking that TLS is "just" the
new name of SSL (I'm not talking about you all guys:), but there's some
differences between both, more precisely in the sub-protocols layers
(Controls, etc.).

May I suggest for instance to evoke something like "Use TLS only with TLS,
because of blahblah..."?

-- 
Ludovic Petit
OWASP France Chapter Leader
ludovic.petit at owasp.org
+33 611 726 164

http://www.linkedin.com/in/lpetit

http://www.owasp.org/index.php/France

TEAM stands for... "Together Each Achieves More"
---------------------------------------
Owasp-france mailing list
Owasp-france at lists.owasp.org
https://lists.owasp.org/mailman/listinfo/owasp-france
On Mon, Oct 19, 2009 at 3:03 AM, Michael Coates <
michael.coates at aspectsecurity.com> wrote:

>  All,
>
> I’m happy to announce the release of the OWASP TLS Protection Cheat Sheet.
> Many thanks to everyone who provided feedback and contributed to this
> document. - Mike Boberski, Dave Wichers, Tyler Reguly.
>
> http://www.owasp.org/index.php/Transport_Layer_Protection_Cheat_Sheet
>
>
>
> TwitterTag: #TLSCheatSheet
>
> * *
>
> * *
>
> *Michael Coates*
>
> Senior Application Security Engineer
>
> michael.coates at aspectsecurity.com
>
> * *
>
>
>
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-leaders/attachments/20091019/1dc7c8c6/attachment.html 


More information about the OWASP-Leaders mailing list