@nortosem
Contributor

@nortosem nortosem commented Sep 2, 2025

Updates the HTTPS guide to align with modern TLS defaults and security best practices merged in PR #1283.

Key changes include:

  • Describes the new :strong (TLS 1.3 only) and :compatible (TLS 1.3/1.2) profiles.
  • Removes references to insecure TLS 1.0 and 1.1 protocols.
  • Adds a new section explaining the security rationale for using modern AEAD ciphers over older CBC-mode ciphers.
  • Updates the OWASP link to the current Transport Layer Security Cheat Sheet.
  • Recommends using standardized Diffie-Hellman groups (RFC 7919) and provides the correct `openssl genpkey` command.

@josevalim josevalim merged commit a109030 into elixir-plug:main Sep 3, 2025
2 checks passed
@josevalim
Member

💚 💙 💜 💛 ❤️

@nortosem nortosem deleted the Update-HTTPS-guide branch September 3, 2025 19:14