d4e40f497f
Merge pull request #182 from ngyikp/add-favicon
...
Add favicon, fixes #138
2017-02-22 13:01:27 -05:00
b9149ada79
Add favicon, fixes #138
...
I got this latest Mozilla favicon from https://www.mozilla.org
2017-02-23 00:52:34 +08:00
bedfabfdd9
Merge pull request #173 from g-k/mathiasbynens-patch-1
...
Mathiasbynens patch 1
2016-12-28 07:26:08 -05:00
577db5f50f
Merge pull request #174 from g-k/rm-dh-params-from-modern-config
...
Remove dh params from modern config
2016-12-28 07:25:43 -05:00
48cab08737
hide dhparam size on HAProxy modern config
2016-12-23 16:08:03 -05:00
43ff7592d5
Add dhparam to lighthttpd template
...
and version check
http://redmine.lighttpd.net/projects/1/wiki/docs_ssl#Configuration
says ssl.dh-file is >=1.4.29 only
2016-12-23 16:08:02 -05:00
d5ec7b0f97
clear dhparams config var when not using DHE
...
refs:
https://github.com/mozilla/server-side-tls/issues/148
https://github.com/mozilla/server-side-tls/issues/164
2016-12-23 16:07:16 -05:00
744b1da5d3
Update to latest jQuery UI
2016-12-23 14:35:31 -05:00
0992593a6c
Clean up HTML
2016-12-23 14:35:16 -05:00
201b1f6380
Merge pull request #165 from mozilla/jvehent-patch-1
...
v4.1: Clarify Logjam notes, Clarify risk of TLS Tickets
2016-10-31 15:51:47 -04:00
3499f7907f
Address review comments
2016-10-31 15:51:26 -04:00
307d67f1a3
Merge pull request #169 from MichaelPaoli/patch-1
...
Update Server_Side_TLS.mediawiki
2016-10-31 15:40:06 -04:00
e5c27ede89
Update Server_Side_TLS.mediawiki
...
followed but --> followed by - hopefully corrected what appeared to be an English misuse or typo
2016-10-29 06:12:53 -07:00
5a870b2193
Recommend RFC7919 pre-defined groups, clarify TLS tickets
2016-10-05 12:32:49 -04:00
ea8ca49365
v4.1: Clarify Logjam notes, Clarify risk of TLS Tickets
...
r? @ekr @marumari
2016-09-30 12:38:36 -04:00
f86e96ed31
Merge pull request #154 from marumari/gh-pages
...
Make the intro section look a lot neater
2016-08-30 07:38:33 -04:00
14981de063
make the intro section look a lot neater by removing mozilla logo and shrinking generator image
2016-08-04 15:07:48 -05:00
c998a5c980
Merge pull request #152 from bndw/gh-pages
...
fixes typo
2016-08-02 07:17:17 -04:00
5a34e92128
fixes typo
2016-08-01 22:39:21 -07:00
832746e665
Merge pull request #133 from osirisinferi/ca-certificate
...
Comment SSLCACertificateFile
2016-07-28 09:39:46 -04:00
324df1e93b
Merge pull request #137 from jrchamp/patch-2
...
Update oldApache TLS support message
2016-07-28 09:39:06 -04:00
dc1b867154
Merge pull request #141 from rremer/haproxy-preferred-syntax
...
use preferred haproxy header manipulation method
2016-07-28 09:38:39 -04:00
a1d1dbec24
Merge pull request #151 from nbibler/nginx-versions-update
...
Add nginx versions 1.9.6 to 1.10.1
2016-07-28 09:37:16 -04:00
e40e77e28d
Add nginx versions 1.9.6 to 1.10.1
2016-07-28 09:23:19 -04:00
afe75ea7d2
Merge pull request #145 from edmorley/rm-client-side-https-redirect
...
Remove client-side redirect now GitHub pages support enforcing HTTPS
2016-06-08 15:59:57 -04:00
ce86a71de1
Remove client-side redirect now GitHub pages support enforcing HTTPS
...
GitHub pages now support enforcing HTTPS (which has been enabled in
#144 ), so the client-side redirect can now be removed. See:
https://help.github.com/articles/securing-your-github-pages-site-with-https/
2016-06-08 20:57:26 +01:00
5b050ea447
use preferred haproxy header manipulation method
2016-04-20 16:55:53 -07:00
5ad4602fc3
Update oldApache TLS support message
...
Apache 2.2.23 and newer support TLS 1.1 and 1.2
2016-04-05 18:44:31 -04:00
8b39a4dc3c
Comment SSLCACertificateFile
2016-03-19 12:18:23 +01:00
611e49cfea
Merge pull request #129 from Yajo/gh-pages
...
Remove ssl option from where it cannot be.
2016-03-04 07:25:49 -05:00
90bf4b393c
Remove ssl option from where it cannot be.
...
Fix #128 .
2016-03-04 09:11:22 +01:00
0c52c96ebf
Merge pull request #126 from Yajo/patch-1
...
Better defaults for HAProxy
2016-03-03 06:43:33 -05:00
332cb01593
Better defaults for HAProxy
...
Redirects with 301 HTTP to HTTPS and adds cipher and options by default to all SSL binds and servers.
2016-03-02 13:46:43 +01:00
1a41a79ca2
indentation cleanup, fixes #113
2016-02-23 08:21:30 -05:00
a62a63cfaa
Merge branch 'gh-pages' of github.com:mozilla/server-side-tls into gh-pages
2016-02-23 08:12:50 -05:00
d255367a7d
update conf generator with new recommendations
2016-02-23 08:12:06 -05:00
76fd4d931a
Provide latest json configuration
2016-02-23 08:11:45 -05:00
0674bed7c8
Merge pull request #108 from corburn/nginx
...
Add nginx HTTPS redirect with HSTS, HTTP/2, and IPv6
2016-02-14 09:54:51 -05:00
b597a05dcb
Merge pull request #116 from Sp1l/Apache-2.4.18
...
Add most recent Apache 2.4 versons
2016-02-14 09:51:38 -05:00
79a3be2bfc
Publish link to JSON version of guidelines
2016-02-13 10:09:55 -05:00
0d345670d3
Version json conf in its own folder
2016-02-12 10:32:52 -05:00
2e0d5cd832
Add most recent Apache 2.4 versons
...
Fix for #114
2016-02-11 21:12:25 +01:00
63c88f8073
Update oldest clients in JSON configuration
2016-02-11 12:02:30 -05:00
8eea4c3c17
Update oldest clients in modern configuration
2016-02-11 12:01:26 -05:00
b1fd0daaa6
Update Server_Side_TLS.mediawiki
2016-02-11 10:48:02 -05:00
3b1902a739
Add image to configuration generator at top of page
2016-02-11 10:44:31 -05:00
169658a83a
Update ciphersuites table using @marumari's script
2016-02-11 10:40:15 -05:00
7ef0672df5
Merge pull request #97 from mozilla/4.0
...
V4: updated levels, added JSON
2016-02-11 10:31:54 -05:00
e96eec0c2b
Fix typos in wiki page
2016-02-11 10:28:31 -05:00
a45a32fb3e
V4: updated ciphersuites, publish guidelines as JSON
...
This commit is the result of several months of discussions and
maturation. It represents the state of the art in TLS configurations. It
has been rebased, but the history is shown below and can be read at:
https://github.com/mozilla/server-side-tls/pull/97
- V4: updated levels, added JSON
- Remove DHE from modern, add ChaCha20
- prefer aes256 in modern, add ecdh size parameter
- Remove TLSv1.1 from modern level
- Prefer AES256-GCM to ChaCha20 in modern configuration
- Recommend ECDSAWithSHA384 as cert signature in modern conf
- Remove unused document signature
- Change recommended curve in Modern to P256
- Convert certificate types, curves and signatures to lists to support multiple acceptable values
- readd EDH-RSA-DES-CBC3-SHA to intermediate and old
- Add DHE-RSA-AES256-GCM-SHA384 to intermediate level
- rename json keys
- Revisit old ciphersuites
- Update wiki document with latest recommendations and rationales
- Add paragraph on certificates switching
- Remove configuration samples & cleanup some stuff
- reset changes to conf generator
2016-02-11 10:24:49 -05:00
Julien Vehent [:ulfr]
Ng Yik Phang
Greg Guthe
Mathias Bynens
Julien Vehent
MichaelPaoli
April King
bndw
Nathaniel Bibler
Ed Morley
Royce
jrchamp
osirisinferi
Jairo Llopis
Yajo
Bernard Spil