Nothing Special   »   [go: up one dir, main page]
Skip to main content
Springer Nature Link
Log in

TLS — Dos and Don’ts

  • Gateway
  • Published:
Datenschutz und Datensicherheit - DuD Aims and scope Submit manuscript

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Literatur

  1. Bodo Möller, Thai Duong, Krzysztof Kotowicz; This POODLE Bites: Exploting the SSL 3.0 Fallback; https://www.openssl.org/~bodo/ssl-poodle.pdf

  2. Mozilla; Attacks on SSL and TLS, https://wiki.mozilla.org/Security/Server_Side_TLS#Attacks_on_SSL_and_TLS

  3. Ivan Ristić; Bulletproof SSL and TLS

  4. Ivan Ristić; OpenSSL Cookbook

  5. Ivan Ristić; SSL/TLS Deployment Best Practices, https://www.ssllabs.com/downloads/SSL_TLS_Deployment_Best_Practices.pdf

  6. Diverse Autoren; Applied Crypto Hardening, https://bettercrypto.org/static/applied-crypto-hardening.pdf

  7. Chris Palmer; Gradually sunsetting SHA-1, http://googleonlinesecurity.blogspot.de/2014/09/gradually-sunsetting-sha-1.html

  8. IANA TLS Cipher Suite Registry, http://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-4

  9. BSI; Technische Richtlinie TR-02102-2, Kryptographische Verfahren: Empfehlungen und Schlüssellängen, Teil 2 — Verwendung von Transport Layer Security (TLS). https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Publikationen/TechnischeRichtlinien/TR02102/BSITR-02102-2_pdf.pdf?__blob=publicationFile

  10. OWASP; Transport Layer Protection Cheat Sheet, https://www.owasp.org/index.php/Transport_Layer_Protection_Cheat_Sheet

  11. OWASP; HTTP Strict Transport Security https://www.owasp.org/index.php/HTTP_Strict_Transport_Security

  12. OWASP; Certificate and Public Key Pinning, https://www.owasp.org/index.php/Certificate_and_Public_Key_Pinning

  13. Mozilla Wiki — Security TLS, https://wiki.mozilla.org/Security/Server_Side_TLS

  14. Certificate Transperency, http://www.certificate-transparency.org/

  15. Let’s encrypt; https://letsencrypt.org/

  16. Apache mod_ssl Dokumentation; http://httpd.apache.org/docs/2.4/mod/mod_ssl.html

  17. ENISA; Algorithms, key size and parameters report 2014, http://www.enisa.europa.eu/activities/identity-and-trust/library/deliverables/algorithms-key-size-and-parameters-report-2014

  18. Fox, Dirk: Perfect Forward Secrecy (PFS). DuD 11/2013, S. 729

    Article  Google Scholar 

  19. Achim Hoffmann, Torsten Gigler; O-Saft — Richtig verschlüsseln mit SSL/TLS; OWASP Day Germany 2014, https://www.owasp.org/images/1/19/Richtig_verschluesseln_mit_SSL%2BTLS_-_Achim_Hoffmann%2BTorsten_Gigler.pdf

Download references

Author information

Authors and Affiliations

  1. Karlsruhe, Deutschland

    Kai Jendrian

Authors
  1. Kai Jendrian
    View author publications

    You can also search for this author in PubMed Google Scholar

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Jendrian, K. TLS — Dos and Don’ts. Datenschutz Datensich 39, 114–116 (2015). https://doi.org/10.1007/s11623-015-0376-x

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11623-015-0376-x

Search

Navigation