more service security information

2020-12-26 16:25:48 -05:00 · 2020-12-26 16:25:48 -05:00 · a937d6039d
commit a937d6039d
parent 24ac1e8538
1 changed files with 3 additions and 1 deletions
--- a/static/features.html
+++ b/static/features.html
@ -187,7 +187,9 @@
                    <li>Authenticated encryption for all of our services</li>
                    <li>Strong cipher configurations for all of our services (SSH, TLS, etc.) with
                    only modern AEAD ciphers providing forward secrecy</li>
-                    <li>DNSSEC for all our domains</li>
+                    <li>Our web services uses OCSP stapling with Must-Staple</li>
+                    <li>DNSSEC implemented for all of our domains, which is particularly important
+                    for securing email due to it relying on DNS records</li>
                    <li>DANE TLSA records for pinning keys for all our TLS services (mostly helps
                    to secure email due to lack of browser support)</li>
                    <li>SSHFP across all domains for pinning SSH keys</li>