more service security information
This commit is contained in:
parent
24ac1e8538
commit
a937d6039d
@ -187,7 +187,9 @@
|
||||
<li>Authenticated encryption for all of our services</li>
|
||||
<li>Strong cipher configurations for all of our services (SSH, TLS, etc.) with
|
||||
only modern AEAD ciphers providing forward secrecy</li>
|
||||
<li>DNSSEC for all our domains</li>
|
||||
<li>Our web services uses OCSP stapling with Must-Staple</li>
|
||||
<li>DNSSEC implemented for all of our domains, which is particularly important
|
||||
for securing email due to it relying on DNS records</li>
|
||||
<li>DANE TLSA records for pinning keys for all our TLS services (mostly helps
|
||||
to secure email due to lack of browser support)</li>
|
||||
<li>SSHFP across all domains for pinning SSH keys</li>
|
||||
|
Loading…
x
Reference in New Issue
Block a user