We need requirements to check on the invocation of TLS functionality (which will be platform-specific). For example, actually validating certificates (since most platforms offer APIs that permit TLS session setup without validation). This should work well with our two-tier model for cryptographic services (invoke functionality or make your own).
We need requirements to check on the invocation of TLS functionality (which will be platform-specific). For example, actually validating certificates (since most platforms offer APIs that permit TLS session setup without validation). This should work well with our two-tier model for cryptographic services (invoke functionality or make your own).