This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
User contributions
This user is currently blocked. The latest block log entry is provided below for reference:
- 15:09, 14 August 2013 KateHartmann (talk | contribs) blocked Jeffrey Walton (talk | contribs) with an expiration time of indefinite (account creation disabled, email disabled)
(newest | oldest) View (newer 20 | older 20) (20 | 50 | 100 | 250 | 500)
- 17:03, 24 February 2013 (diff | hist) . . (+69) . . Transport Layer Protection Cheat Sheet
- 16:59, 24 February 2013 (diff | hist) . . (-172) . . Transport Layer Protection Cheat Sheet (Updated "Rule: Only Support Strong Protocols." A lot has changed in 4 or 5 years, and its safe to kill-off SSLv3 completely and press the need to deprecate TLS 1.0.)
- 15:27, 24 February 2013 (diff | hist) . . (+367) . . m Transport Layer Protection Cheat Sheet (Added info on TLSv1.0 CBC Chaining attacks and Padding Oracle attacks; (2) specified 3-key 3DES; (3) added info on stream ciphers, explicitly omitted ARC4; (4) added preference for SHA2; (5) reversed MD5 (MD5 is still needed as PRF in TLS 1.0 and 1.1)
- 15:16, 24 February 2013 (diff | hist) . . (+20) . . Transport Layer Protection Cheat Sheet
- 15:10, 24 February 2013 (diff | hist) . . (+289) . . Transport Layer Protection Cheat Sheet ((1) Rearranged Protocols and Cipher Suites so Protocols proceeds Cipher Suites; (2) Added references to IANA reserved cipher suites; (3) added PKI to Always Provide All Certifcates)
- 16:00, 23 February 2013 (diff | hist) . . (+144) . . Transport Layer Protection Cheat Sheet
- 15:57, 23 February 2013 (diff | hist) . . (+849) . . Transport Layer Protection Cheat Sheet (Added "Rule - Always Provide All Needed Certificates")
- 11:48, 23 February 2013 (diff | hist) . . (+9) . . C-Based Toolchain Hardening
- 11:46, 23 February 2013 (diff | hist) . . (+59) . . C-Based Toolchain Hardening
- 11:35, 23 February 2013 (diff | hist) . . (+11) . . m C-Based Toolchain Hardening (Added NDK_DEBUG for Android)
- 04:22, 23 February 2013 (diff | hist) . . (+86) . . m Transport Layer Protection Cheat Sheet (Improved flow)
- 04:14, 23 February 2013 (diff | hist) . . (-17) . . m Transport Layer Protection Cheat Sheet (Improved flow)
- 04:09, 23 February 2013 (diff | hist) . . (-33) . . m Transport Layer Protection Cheat Sheet (Improved flow)
- 04:02, 23 February 2013 (diff | hist) . . (+7) . . Transport Layer Protection Cheat Sheet ("real time info" -> "real time status info")
- 03:58, 23 February 2013 (diff | hist) . . (+66) . . Transport Layer Protection Cheat Sheet
- 03:54, 23 February 2013 (diff | hist) . . (+64) . . Transport Layer Protection Cheat Sheet (Improved flow; added phishing attack)
- 03:50, 23 February 2013 (diff | hist) . . (+415) . . Transport Layer Protection Cheat Sheet (Kill off SSLv2 and SSLv3. Cited references.)
- 01:07, 23 February 2013 (diff | hist) . . (+1,372) . . Transport Layer Protection Cheat Sheet (Re-add "Certificate and Public Key Pinning" section. Accidentally whacked when updating RFC numbers.)
- 00:56, 23 February 2013 (diff | hist) . . (+169) . . m Testing for SSL-TLS (OWASP-CM-001) (Added info on Server Name Indication (SNI))
- 00:42, 23 February 2013 (diff | hist) . . (-1,372) . . m Transport Layer Protection Cheat Sheet (RFC 3280 -> RFC 5280. The latest PKIX for Internet profile is 5280.)
(newest | oldest) View (newer 20 | older 20) (20 | 50 | 100 | 250 | 500)