Security/Server Side TLS: Difference between revisions

Security/Server Side TLS (view source)

77 bytes added , 14 October 2013

no edit summary

Confirmed users

529

edits

Revision as of 17:36, 14 October 2013 (view source) Ulfr (talk \| contribs) (→‎General purpose ciphersuite) ← Older edit		Revision as of 17:39, 14 October 2013 (view source) Ulfr (talk \| contribs) No edit summary Newer edit →
Line 1:		Line 1:
	~~--[[User:Ulfr\|Ulfr]] ([[User talk:Ulfr\|talk]]) 10:12, 14 October 2013 (PDT)~~		This document provides guidelines for the configuration of SSL/TLS on servers. All Mozilla sites and deployment should follow the recommendations below.

	While SSL/TLS provides strong security, default settings must generally be avoided. In addition to known vulnerabilities in SSLv2, Beast and so on, some ciphersuites simply do not provide any security and use NULL ciphers or non-authenticated key exchanges.		While SSL/TLS provides strong security, default settings must generally be avoided. In addition to known vulnerabilities in SSLv2, Beast and so on, some ciphersuites simply do not provide any security and use NULL ciphers or non-authenticated key exchanges.