v10 Communications security verification requirementsΒΆ
- 10.1 TLS chain is valid
- 10.3 TLS is used for all relevant connections
- 10.4 Backend TLS connection failures are logged
- 10.5 Client certificates are built and verified correctly
- 10.6 Connections to relevant external systems are authenticated
- 10.8 Single standard well-configured TLS implementation is used
- 10.10 Certificate pinning is used correctly
- 10.11 Strict Transport Security is used correctly
- 10.12 URL is submitted to HSTS preload lists
- 10.13 Forward secrecy ciphers are used
- 10.14 Certification revocation is enabled and configured
- 10.15 Strong certificate hierarchy
- 10.16 TLS settings are current