This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "Transport Layer Protection Cheat Sheet"

From OWASP
Jump to: navigation, search
m
m (Point to the official site)
 
(227 intermediate revisions by 24 users not shown)
Line 1: Line 1:
Page is under contruction - michael.coates@owasp.org<br>  
+
__NOTOC__
 +
<div style="width:100%;height:160px;border:0,margin:0;overflow: hidden;">[[File:Cheatsheets-header.jpg|link=]]</div>
  
= Introduction  =
+
The Cheat Sheet Series project has been moved to [https://github.com/OWASP/CheatSheetSeries GitHub]!
  
== Benefits  ==
+
Please visit [https://cheatsheetseries.owasp.org/cheatsheets/Transport_Layer_Protection_Cheat_Sheet.html Transport Layer Protection Cheat Sheet] to see the latest version of the cheat sheet.
 
 
Confidentiality
 
 
 
Integrity
 
 
 
Replay Protection
 
 
 
End Point Authentication
 
 
 
= Rules for Transport Layer Protection<br>  =
 
 
 
== Secure Server Design <br>  ==
 
 
 
=== Rule #1 - Use SSL for All Login Pages and All Authenticated Pages<br>  ===
 
 
 
=== Rule #2 - Use SSL on Any Networks (External and Internal) Transmiting Sensitive Data<br>  ===
 
 
 
=== Rule #3 - Do Not Provide Non-SSL Pages for Secure Content<br>  ===
 
 
 
=== Rule #4 - Do Not Perform Redirectsfrom Non-SSL Login to&nbsp;SSL&nbsp;Login Page  ===
 
 
 
=== Rule #5 - Do Not Mix SSL and Non-SSL&nbsp;Content  ===
 
 
 
== Server Certificate &amp;&nbsp;Protocol Configuration  ==
 
 
 
=== Rule #6 - Use an Appropriate Certificate Authority for User Base ===
 
 
 
=== Rule #7 - Only Support Strong Cryptographic Algorithms<br> ===
 
 
 
=== Rule #8 - Only Support Strong Protocols ===
 
 
 
=== Rule #9 - Establish a Strong Private Key for the Server ===
 
 
 
=== Certificate Considerations  ===
 
 
 
== Client Configuration  ==
 
 
 
Certificate Validation
 
 
 
Trusted Root Store
 
 
 
Revocation List Checking
 
 
 
== Additional Controls ==
 

Latest revision as of 14:26, 15 July 2019

Cheatsheets-header.jpg

The Cheat Sheet Series project has been moved to GitHub!

Please visit Transport Layer Protection Cheat Sheet to see the latest version of the cheat sheet.

Retrieved from "https://wiki.owasp.org/index.php?title=Transport_Layer_Protection_Cheat_Sheet&oldid=253047"