Page tree

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  • all pages within any given website must be available under HTTPS
  • the secure connection to the website must be enforced by automatically redirecting web browsers from the http:// to the https:// version of the website
  • special care should be applied to cover and verify the secured connection especially on transactional pages containing data in transit, for example contact forms
  • the TLS/SSL encryption level of the secure connection must be TLS 1.1 or higher.

Further recommended best good practice safeguards include:

  • couple the use of TLS with a secure management of the relevant cryptographic keys
  • oblige the web client to use HTTPS through HTTP Strict Transport Security
  • mitigate the consequences of a compromise of cryptographic keys through Forward Secrecy.

...