[jdev] https://github.com/stpeter/manifesto and additional ideas

Ralf Skyper Kaiser skyper at thc.org
Thu Nov 14 12:53:53 UTC 2013


Hi,

Ideas, comments and open discussion are welcome on including the
following ideas in the manifesto.

- Client support for certificate pinning (including pinning of self-signed
  certificates).
  https://www.owasp.org/index.php/Certificate_and_Public_Key_Pinning
  http://tools.ietf.org/html/draft-ietf-websec-key-pinning-08

- Client Lockdown feature: automatically sets a variety of security
  preferences to "known good" settings. Once the lockdown option is set, the
  user should not be able to change any of the 'locked' security preferences
  until lockdown is disabled again (e.g. gray out the option). Lockdown
  includes: do not permit non-OTR messages, require TLS, do not permit
  message logging.

- Client notifies the server which method the client used to authenticate
  the server's identity and whether the client is in Lockdown.

regards,

ralf
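Added example (not part of Ralf's post or of any XMPP client's code): a Go client-side implementation of the first item, pinning the SHA-256 of the server's SubjectPublicKeyInfo in the format used by draft-ietf-websec-key-pinning, in a way that also accepts a self-signed certificate. The host name xmpp.example.test, the self-signed certificate and the pin values are all constructed inside the example; Go's crypto/tls is assumed as the client's TLS stack.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/tls"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/base64"
	"errors"
	"fmt"
	"math/big"
	"net"
	"time"
)

// SpkiPin returns the base64 SHA-256 of a certificate's SubjectPublicKeyInfo,
// the pin format of draft-ietf-websec-key-pinning. Pinning the SPKI rather
// than the whole certificate survives a renewal that keeps the same key pair.
func SpkiPin(cert *x509.Certificate) string {
	sum := sha256.Sum256(cert.RawSubjectPublicKeyInfo)
	return base64.StdEncoding.EncodeToString(sum[:])
}

// NewPinnedVerifier returns a tls.Config.VerifyPeerCertificate callback that
// accepts the peer only if some certificate in the presented chain carries a
// pinned public key. Used together with InsecureSkipVerify, the pin set is the
// sole trust anchor, which is what allows a self-signed certificate to be
// pinned; an empty pin set therefore rejects every peer.
func NewPinnedVerifier(pins []string) func([][]byte, [][]*x509.Certificate) error {
	pinSet := make(map[string]struct{}, len(pins))
	for _, p := range pins {
		pinSet[p] = struct{}{}
	}
	return func(rawCerts [][]byte, _ [][]*x509.Certificate) error {
		for _, raw := range rawCerts {
			cert, err := x509.ParseCertificate(raw)
			if err != nil {
				return fmt.Errorf("pinning: cannot parse peer certificate: %w", err)
			}
			if _, ok := pinSet[SpkiPin(cert)]; ok {
				return nil
			}
		}
		return errors.New("pinning: no certificate in the chain matches a pinned SPKI hash")
	}
}

// PinnedClientConfig builds the client tls.Config: PKI chain and host name
// validation is replaced by the pin check, which Go still runs when
// InsecureSkipVerify is set.
func PinnedClientConfig(serverName string, pins []string) *tls.Config {
	return &tls.Config{
		ServerName:            serverName,
		MinVersion:            tls.VersionTLS12,
		InsecureSkipVerify:    true, // never set this without VerifyPeerCertificate
		VerifyPeerCertificate: NewPinnedVerifier(pins),
	}
}

// SelfSignedCert generates a throwaway self-signed certificate, standing in
// for an XMPP server without a CA-issued certificate (constructed test data).
func SelfSignedCert(host string) (tls.Certificate, *x509.Certificate, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return tls.Certificate{}, nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(1),
		Subject:      pkix.Name{CommonName: host},
		DNSNames:     []string{host},
		NotBefore:    time.Now().Add(-time.Hour),
		NotAfter:     time.Now().Add(24 * time.Hour),
		KeyUsage:     x509.KeyUsageDigitalSignature,
		ExtKeyUsage:  []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		return tls.Certificate{}, nil, err
	}
	parsed, err := x509.ParseCertificate(der)
	if err != nil {
		return tls.Certificate{}, nil, err
	}
	return tls.Certificate{Certificate: [][]byte{der}, PrivateKey: key}, parsed, nil
}

// HandshakeOverLoopback runs one TLS handshake on 127.0.0.1 between a server
// presenting serverCert and a client trusting only pins; it returns the
// client's handshake error (nil when a pin matched).
func HandshakeOverLoopback(serverCert tls.Certificate, pins []string) error {
	ln, err := net.Listen("tcp", "127.0.0.1:0")
	if err != nil {
		return err
	}
	defer ln.Close()
	go func() {
		conn, err := ln.Accept()
		if err != nil {
			return
		}
		srv := tls.Server(conn, &tls.Config{Certificates: []tls.Certificate{serverCert}})
		_ = srv.Handshake() // fails when the client rejects the pin; that is expected
		srv.Close()
	}()
	cli, err := tls.Dial("tcp", ln.Addr().String(), PinnedClientConfig("xmpp.example.test", pins))
	if err != nil {
		return err
	}
	cli.Close()
	return nil
}

func main() {
	serverCert, parsed, err := SelfSignedCert("xmpp.example.test")
	if err != nil {
		panic(err)
	}
	pin := SpkiPin(parsed)
	fmt.Println("pinned SPKI sha256:", pin)
	fmt.Println("matching pin:", HandshakeOverLoopback(serverCert, []string{pin}))
	fmt.Println("wrong pin:   ", HandshakeOverLoopback(serverCert, []string{"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA="}))
}
```

The one thing to be careful about is that InsecureSkipVerify is what lets the self-signed certificate through, so the VerifyPeerCertificate callback is the only authentication left: a config with the former and without the latter is unauthenticated TLS. How the pin gets into the client (bundled by the operator, or recorded on first connection) is a separate decision that this code does not make.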