[Ach] Successor project/paper of "Applied Crypto Hardening"?

Dominic Schallert ds at schallert.com
Fri Oct 12 18:34:49 CEST 2018

Hi Rene,

> I have noticed quite the contrary. TLS v1.0 and TLS v1.1 is still in use,
> even TLS v1.2 - many years after the standards were being published.
> Adoption is very slow. I am sure that TLS v1.3 implementation will take a
> couple of years.
> This being said, yes, the best practices and recommendations change, but
> not as often as people buy new clients. The ACH guide is still valid for
> most configurations.

That’s the problem. There are some driving forces like Google[1],
Github[2] or Cloudflare[3] which usually are light-years ahead of the
majority of other companies. Generally it’s very safe to say that what
these companies do, can be considered as current best practice.

Just to give a few examples..

[1] https://tools.ietf.org/html/rfc7905
[2] https://githubengineering.com/crypto-removal-notice/ <https://githubengineering.com/crypto-removal-notice/>
[3] https://blog.cloudflare.com/introducing-tls-1-3/ <https://blog.cloudflare.com/introducing-tls-1-3/>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cert.at/pipermail/ach/attachments/20181012/2964bed6/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: Message signed with OpenPGP
URL: <http://lists.cert.at/pipermail/ach/attachments/20181012/2964bed6/attachment.sig>

More information about the Ach mailing list