An Interest In:
Web News this Week
- March 5, 2024
- March 4, 2024
- March 3, 2024
- March 2, 2024
- March 1, 2024
- February 29, 2024
- February 28, 2024
July 1, 2019 08:01 pm
Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/m3j_aCSJ2gc/germany-to-publish-standard-on-modern-secure-browsers
Germany To Publish Standard on Modern Secure Browsers
Germany's cyber-security agency is working on a set of minimum rules that modern web browsers must comply with in order to be considered secure. From a report: The new guidelines are currently being drafted by the German Federal Office for Information Security (or the Bundesamt fur Sicherheit in der Informationstechnik -- BSI), and they'll be used to advise government agencies and companies from the private sector on what browsers are safe to use. A first version of this guideline was published in 2017, but a new standard is being put together to account for improved security measures added to modern browsers, such as HSTS, SRI, CSP 2.0, telemetry handling, and improved certificate handling mechanisms -- all mentioned in a new draft released for public debate last week. According to the BSI's new draft, to be considered "secure," a modern browser must follow the following requirements, among others: Must support TLS, must have a list of trusted certificates, must support extended validation (EV) certificates, must verify loaded certificates against a Certification Revocation List (CRL) or an Online Certificate Status Protocol (OCSP); the browser must use icons or color highlights to show when communications to a remote server is encrypted or in plaintext, connections to remote websites running on expired certificates must be allowed only after specific user approval; must support HTTP Strict Transport Security (HSTS) (RFC 6797). Further reading: Germany and the Netherlands To Build the First Ever Joint Military Internet.Read more of this story at Slashdot.
Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/m3j_aCSJ2gc/germany-to-publish-standard-on-modern-secure-browsers
Share this article:
Tweet
View Full Article
Slashdot
Slashdot was originally created in September of 1997 by Rob "CmdrTaco" Malda. Today it is owned by Geeknet, Inc..More About this Source Visit Slashdot