Skip to content
This repository was archived by the owner on Dec 10, 2021. It is now read-only.
This repository was archived by the owner on Dec 10, 2021. It is now read-only.

Key length doesn't reference the algorithms #6

Open
Open
Key length doesn't reference the algorithms#6
@ioggstream

Description

@ioggstream
ioggstream
opened on Sep 23, 2019

I expect

This section https://github.com/ongov/API-Guidelines/blob/master/API-Guidelines.md#enforce-secure-communication to associate algorithms and key length (eg. RSA - 2048, ECDSA - 256)

Instead

Just defines key length

Sensitive data must be sent over TLS version 1.2 or later, and all certificates must be SHA-256 with a minimum key length of 2048

Note

A direct link to a table with allowed (algorithms,keys) would be great.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions