This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Projects/O-Saft/Roadmap"
From OWASP
(todo changed) |
(OCSP url) |
||
| Line 1: | Line 1: | ||
| + | * add check if OCSP url exists and responds ok | ||
* build better map with description for ciphers (prepared in OSaft/Ciphers.pm ) | * build better map with description for ciphers (prepared in OSaft/Ciphers.pm ) | ||
* review the code (technically, note that it is a testing and not a security tool) | * review the code (technically, note that it is a testing and not a security tool) | ||
Latest revision as of 21:51, 16 December 2016
- add check if OCSP url exists and responds ok
- build better map with description for ciphers (prepared in OSaft/Ciphers.pm )
- review the code (technically, note that it is a testing and not a security tool)
- formatting output should be a postprocess; scoring should be a postprocess
- add check for certificate chains
- add proper metric for risks rating
- implement client certificates
- encourage other admins and developers to fix their SSL issues ;-)"
Done
- 08/2016: GUI improved with more modern buttons and better window layout
- 07/2016: some more checks vor new vulnerabilities added
- 04/2015: build simple GUI
- 12/2014: move formatting functionality to o-saft-usr.pm
- 11/2014: implement other protocols (STARTTLS, IMAPS, POPS, ...)
- 09/2014: move description to external file; remove POD
- 05/2014: check target for any possible/existing cipher
