You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Howdy folks. Author of the Mozilla TLS guidelines here. Thanks for the great tool! I'm actually looking at using it in a number of Go projects we run.
One improvement I'd suggest to make would be to use the JSON version of the guidelines instead of hardcoding the recommendations. We host the file at https://statics.tls.security.mozilla.org/server-side-tls-conf.json You can refer to it in the code and fall back to hardcoded defaults if the retrieval fails.
That's very handy, we are looking at making it config driven at the moment so this comes at the perfect time. Also thanks a bunch for the TLS guidelines themselves, fantastically useful to have a good checklist to work to.
hmm... I wonder if we could somehow use https://blog.golang.org/generate here to pull down the latest rules at build time so we have a recent copy to fall back on should the mozilla service be unavailable or for offline scans?
Howdy folks. Author of the Mozilla TLS guidelines here. Thanks for the great tool! I'm actually looking at using it in a number of Go projects we run.
One improvement I'd suggest to make would be to use the JSON version of the guidelines instead of hardcoding the recommendations. We host the file at https://statics.tls.security.mozilla.org/server-side-tls-conf.json You can refer to it in the code and fall back to hardcoded defaults if the retrieval fails.
As an example, here is how we use the JSON recommendations in the evaluation worker in the TLS Observatory works: https://github.com/mozilla/tls-observatory/blob/master/worker/mozillaEvaluationWorker/mozillaEvaluationWorker.go
The text was updated successfully, but these errors were encountered: