security/hakurei.app
security/hakurei.app
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 4 Wiki Activity

move unimportant OCSP stapling feature

Browse Source
This commit is contained in:
Daniel Micay 2021-03-29 15:23:28 -04:00
parent 0326db8f19
commit a1f672e7b9
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
static/features.html
View File

@ -212,7 +212,6 @@
<li>Authenticated encryption for all of our services</li> <li>Authenticated encryption for all of our services</li>
<li>Strong cipher configurations for all of our services (SSH, TLS, etc.) with <li>Strong cipher configurations for all of our services (SSH, TLS, etc.) with
only modern AEAD ciphers providing forward secrecy</li> only modern AEAD ciphers providing forward secrecy</li>
<li>Our web services use robust OCSP stapling with Must-Staple</li>
<li>Our web sites do not include any third party content and entirely forbid <li>Our web sites do not include any third party content and entirely forbid
it via strict Content Security Policy rules</li> it via strict Content Security Policy rules</li>
<li>Our web sites disable referrer headers to maximize privacy</li> <li>Our web sites disable referrer headers to maximize privacy</li>
@ -229,6 +228,7 @@
when sending mail including alert messages from the attestation service</li> when sending mail including alert messages from the attestation service</li>
<li>SSHFP across all domains for pinning SSH keys</li> <li>SSHFP across all domains for pinning SSH keys</li>
<li>Static key pinning for our services in apps like Auditor</li> <li>Static key pinning for our services in apps like Auditor</li>
<li>Our web services use robust OCSP stapling with Must-Staple</li>
<li>No persistent cookies or similar client-side state for anything other than <li>No persistent cookies or similar client-side state for anything other than
login sessions, which are set up via SameSite=strict cookies and have login sessions, which are set up via SameSite=strict cookies and have
server-side session tracking with the ability to log out of other server-side session tracking with the ability to log out of other