[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [cti-taxii] HTTPS
TAXII systems MUST use TLS version 1.1 [RFC4346] or higher for confidentiality, identification, and authentication, when sending TAXII messages over HTTPS. HTTPS is specified in Section 2 of [RFC2818]. NB: stolen from https://www.rfc-editor.org/rfc/rfc6546.txt 2015-12-15 21:40 GMT+03:00 Jordan, Bret <bret.jordan@bluecoat.com>: > Please propose some updated verbiage... > > > Thanks, > > Bret > > > > Bret Jordan CISSP > Director of Security Architecture and Standards | Office of the CTO > Blue Coat Systems > PGP Fingerprint: 63B4 FC53 680A 6B7D 1447 F2C0 74F8 ACAE 7415 0050 > "Without cryptography vihv vivc ce xhrnrw, however, the only thing that can > not be unscrambled is an egg." > > On Dec 15, 2015, at 11:35, Jerome Athias <athiasjerome@GMAIL.COM> wrote: > > Hi, > > Thanks for asking. > Yes I think we should specify/highly recommend TLS > > My favorite resource: > https://www.feistyduck.com/books/bulletproof-ssl-and-tls/ > > Cheers > > On Tuesday, 15 December 2015, Jordan, Bret <bret.jordan@bluecoat.com> wrote: >> >> All, >> >> Currently in the pre-draft document we have the following verbiage. >> >> This specification defines requirements for using HTTPS; this >> specification does not define requirements for using non-encrypted HTTP. All >> TAXII compliant communications and interactions in TAXII 2 MUST use HTTPS. >> >> >> Question: >> Do we need to add anything extra about specific types of HTTPS, TLS >> version, etc? >> >> >> Thanks, >> >> Bret >> >> >> >> Bret Jordan CISSP >> Director of Security Architecture and Standards | Office of the CTO >> Blue Coat Systems >> PGP Fingerprint: 63B4 FC53 680A 6B7D 1447 F2C0 74F8 ACAE 7415 0050 >> "Without cryptography vihv vivc ce xhrnrw, however, the only thing that >> can not be unscrambled is an egg." >> >
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]