Update SSL/TLS reccomendations in security guide
Bug #1389706 reported by
Bryan D. Payne
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
openstack-manuals |
Fix Released
|
Critical
|
Doug Chivers |
Bug Description
In the post-POODLE world we should probably update the SSL/TLS recommendations in the security guide. This is a reminder to do that.
Recommendations should be TLS v1 at a minimum for services that require broad client compatibility and TLS v1.2 only for services where you control the client and server sides.
Cipher suites should probably be revised as well. When using TLS v1.2 it should probably be limited to only ECDHE-ECDSA-
Let's also double check my recommendations above :-)
Changed in openstack-manuals: | |
status: | New → Confirmed |
Changed in openstack-manuals: | |
milestone: | none → kilo |
Changed in openstack-manuals: | |
assignee: | Tom Fifield (fifieldt) → Doug Chivers (doug-chivers) |
To post a comment you must log in.
Fix proposed to branch: master /review. openstack. org/135844
Review: https:/