-
@dusan_panic @lanodan NIST guidelines and PCI DSS are just #LOLWTF in terms of security…Permalink On twitter.com
Mood -3 🙁
-
@dusan_panic @lanodan For example, NIST requires possibly backdoored ECC curve. PCI DSS doesn’t reject SSLv3 and doesn’t enforce TLSv1.2.On twitter.com
Mood -4 🙁
-
@dusan_panic @lanodan And none reject 3DES (and RC4 if I remember).Permalink On twitter.com
Mood -4 🙁
-
@dusan_panic @lanodan Neither reject CBC cipher, or enforce HSTS/HPKP or worse, PFS only ciphers.Permalink On twitter.com
Mood -7 🙁