Security/Automation/WinterOfSecurity2014: Difference between revisions

Jump to navigation Jump to search

Security/Automation/WinterOfSecurity2014 (view source)

Revision as of 14:06, 19 May 2014

321 bytes added ,  19 May 2014
→‎Compliance checking of TLS configuration
No edit summary
Line 94: Line 94:
* difficulty: easy
* difficulty: easy
* language: english or french
* language: english or french
Mozilla maintains guidelines for [[Security/Server_Side_TLS|server side configurations of SSL/TLS]]. The goal of this project is to build a tool that verifies compliance of a configuration with our guidelines, and help the administrators improve their security. It is very similar in philosophy to project like SSL Labs and [https://github.com/jvehent/cipherscan Cipherscan], but with a stronger emphasis on explaining how to reach a better security level, and educating the administrators.
Mozilla maintains guidelines for [[Security/Server_Side_TLS|server side configurations of SSL/TLS]] that we use to guide the deployment of secure channels everywhere. The goal of this project is to build a tool that verifies compliance of a configuration with our guidelines, and help the administrators improve their security. The tool must be able to evaluate the quality of ciphers, detect required features such as OCSP stapling, and evaluate certificates. It is very similar in philosophy to project like SSL Labs and [https://github.com/jvehent/cipherscan Cipherscan], but mixed with a SSL observatory. The end goal is to help administrators reach a better security level, and measure compliance against Mozilla's policies. The team will be free of reusing existing tools, or build a new one from scratch.


=== Identity Management ===
=== Identity Management ===
Ulfr
Confirmed users
529

edits

Retrieved from "https://wiki.mozilla.org/Special:MobileDiff/978228"

Navigation menu