Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

check for min tls version #123

Merged
merged 3 commits into from
Apr 29, 2021
Merged

check for min tls version #123

merged 3 commits into from
Apr 29, 2021

Conversation

nineinchnick
Copy link
Collaborator

@nineinchnick nineinchnick commented Oct 2, 2020
edited
Loading

Check for min tls version, similar to how we check for max classification.

Remove usesLatestTLSversion since it's not precise enough what's "latest".

@nineinchnick nineinchnick requested a review from izar as a code owner October 2, 2020 19:07
@nineinchnick nineinchnick mentioned this pull request Oct 2, 2020
Open
@nineinchnick nineinchnick force-pushed the tls branch 4 times, most recently from 936efb6 to 8619269 Compare October 4, 2020 17:12
izar
izar reviewed Dec 29, 2020
View reviewed changes
Copy link
Collaborator

@izar izar left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just need to fix that message.

pytm/pytm.py Outdated
TLSVersion.NONE,
required=False,
doc="""Minimum required TLS version required.
Note that currently only TLS 1.2 and 1.3 are considered secure.""",
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

just wondering if the comment about the versions is not better suited for the actual threat. First, the versions will probably move and we will have to chase them here, second, on a more meta level, this adds a level of judgement that i don't think is present in other attributes (off memory, I didn't check)

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yep, I think this needs changing.

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I removed the note and I noticed that required is used twice.

@izar izar added this to the v1.1.3 milestone Apr 12, 2021
@izar izar merged commit 533f436 into OWASP:master Apr 29, 2021
@nineinchnick nineinchnick mentioned this pull request Apr 30, 2021
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@izar izar izar left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
v1.1.3
Development

Successfully merging this pull request may close these issues.
2 participants
@nineinchnick @izar