Skip to content
This repository was archived by the owner on Dec 10, 2021. It is now read-only.
This repository was archived by the owner on Dec 10, 2021. It is now read-only.

Key length doesn't reference the algorithms #6

Open
Open
Key length doesn't reference the algorithms#6
@ioggstream

Description

@ioggstream
ioggstream
opened on Sep 23, 2019

I expect

This section https://github.com/ongov/API-Guidelines/blob/master/API-Guidelines.md#enforce-secure-communication to associate algorithms and key length (eg. RSA - 2048, ECDSA - 256)

Instead

Just defines key length

Sensitive data must be sent over TLS version 1.2 or later, and all certificates must be SHA-256 with a minimum key length of 2048

Note

A direct link to a table with allowed (algorithms,keys) would be great.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions