Closed mxsasha closed 2 years ago
job
commented
2 years ago Don't borrow from RRDP in this regard, the RRDP spec is special in this aspect in that there is an underlaying assumption about "object security".
I recommend simply referencing BCP 195 / RFC 7525 "Recommendations for Secure Use of Transport Layer Security (TLS)"
stkonst
commented
2 years ago I don't have much experiences with that subject so I will stay neutral and go with the flow. Maybe Ed can contribute more on that?
mxsasha
commented
2 years ago I recommend simply referencing BCP 195 / RFC 7525 "Recommendations for Secure Use of Transport Layer Security (TLS)"
Sounds good. As it's a single sentence, I pushed it already in 79aae27.
This is currently empty. I don't really know much except "normal reasonable HTTPS with reasonable certificate validation". Maybe we can borrow from RRDP?