security/hakurei.app
security/hakurei.app
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 4 Wiki Activity

list more web service / site security features

Browse Source
This commit is contained in:
Daniel Micay 2021-03-23 10:11:24 -04:00
parent 7a3a5b3f57
commit 35f926e00e
1 changed files with 6 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
static/features.html
View File

@ -210,7 +210,12 @@
<li>Authenticated encryption for all of our services</li> <li>Authenticated encryption for all of our services</li>
<li>Strong cipher configurations for all of our services (SSH, TLS, etc.) with <li>Strong cipher configurations for all of our services (SSH, TLS, etc.) with
only modern AEAD ciphers providing forward secrecy</li> only modern AEAD ciphers providing forward secrecy</li>
<li>Our web services use OCSP stapling with Must-Staple</li> <li>Our web services use robust OCSP stapling with Must-Staple</li>
<li>Our web sites do not include any third party content and entirely forbid
it via strict Content Security Policy rules</li>
<li>Our web sites disable referrer headers to maximize privacy</li>
<li>Our web sites fully enable cross origin isolation and disable embedding in
other content</li>
<li>DNSSEC implemented for all of our domains</li> <li>DNSSEC implemented for all of our domains</li>
<li>DNS Certification Authority Authorization (CAA) records for all of our <li>DNS Certification Authority Authorization (CAA) records for all of our
domains permitting only Let's Encrypt to issue certificates with fully domains permitting only Let's Encrypt to issue certificates with fully