Update SSL/TLS reccomendations in security guide
Bug #1389706 reported by
Bryan D. Payne
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| openstack-manuals |
Fix Released
|
Critical
|
Doug Chivers | ||
Bug Description
In the post-POODLE world we should probably update the SSL/TLS recommendations in the security guide. This is a reminder to do that.
Recommendations should be TLS v1 at a minimum for services that require broad client compatibility and TLS v1.2 only for services where you control the client and server sides.
Cipher suites should probably be revised as well. When using TLS v1.2 it should probably be limited to only ECDHE-ECDSA-
Let's also double check my recommendations above :-)
| Changed in openstack-manuals: | |
| status: | New → Confirmed |
| Changed in openstack-manuals: | |
| milestone: | none → kilo |
Revision history for this message
| OpenStack Infra (hudson-openstack) wrote Fix proposed to security-doc (master) | #1 |
| Changed in openstack-manuals: | |
| assignee: | nobody → Tom Fifield (fifieldt) |
| status: | Confirmed → In Progress |
| Changed in openstack-manuals: | |
| assignee: | Tom Fifield (fifieldt) → Doug Chivers (doug-chivers) |
Revision history for this message
| OpenStack Infra (hudson-openstack) wrote Fix merged to security-doc (master) | #2 |
| Changed in openstack-manuals: | |
| status: | In Progress → Fix Released |
To post a comment you must log in.
Fix proposed to branch: master
Review: https:/