[jdev] https://github.com/stpeter/manifesto and additional ideas
Ralf Skyper Kaiser
skyper at thc.org
Thu Nov 14 12:53:53 UTC 2013
Hi,
Ideas, comments and an open discussion are welcome to include the
following ideas in the manifesto.
- Client-support for certificate pinning (including pinning of self-signed
certificates).
https://www.owasp.org/index.php/Certificate_and_Public_Key_Pinning
http://tools.ietf.org/html/draft-ietf-websec-key-pinning-08
- Client Lockdown feature: Automatically sets a variety of security preferences
to "known good" settings. Once lockdown option is set the user should not be
able to change any of the 'locked' security preferences until lockdown is disabled
again (e.g. gray out the option). Lockdown includes: Do not permit non-OTR
messages, require TLS, do not permit message logging.
- Client to notify server which method the client used to authenticate the server's
identity and if client is in Lockdown.
regards,
ralf
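
An added sketch of the proposed Client Lockdown behaviour, not part of the original message or of any XMPP client: the class, the preference key names and the weak starting defaults are all hypothetical. It shows security preferences being forced to known-good values, locked against edits while lockdown is on, and enforced when a message is about to be sent.

```python
# Added illustration; class, key names and defaults are hypothetical.
LOCKDOWN_PROFILE = {
    "require_tls": True,
    "allow_non_otr_messages": False,
    "log_messages": False,
}


class LockedPreferenceError(Exception):
    """Raised when a locked preference is changed while lockdown is on."""


class ClientPreferences:
    def __init__(self, **initial):
        # Constructed, deliberately weak defaults so the effect is visible.
        self._values = {"require_tls": False, "allow_non_otr_messages": True,
                        "log_messages": True, "theme": "light"}
        self._values.update(initial)
        self.lockdown = False

    def get(self, key):
        return self._values[key]

    def is_editable(self, key):
        # A UI would gray out the control when this returns False.
        return not (self.lockdown and key in LOCKDOWN_PROFILE)

    def set(self, key, value):
        if key not in self._values:
            raise KeyError(key)
        if not self.is_editable(key):
            raise LockedPreferenceError(f"{key} is locked; disable lockdown first")
        self._values[key] = value

    def enable_lockdown(self):
        # Force every security preference to its known-good value, then lock.
        self._values.update(LOCKDOWN_PROFILE)
        self.lockdown = True

    def disable_lockdown(self):
        # Values stay at the known-good settings; they only become editable.
        self.lockdown = False

    def may_send(self, otr_encrypted, tls_active):
        # Enforcement point: refuse traffic that violates current preferences.
        if self._values["require_tls"] and not tls_active:
            return False
        if not self._values["allow_non_otr_messages"] and not otr_encrypted:
            return False
        return True
```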