Menu

As informações desta página não estão completamente disponíveis no seu idioma de escolha. Esperamos disponibiliza-las integralmente em outros idiomas em breve. Para ter acesso às informações no idioma de sua preferência, faça o download do PDF aqui.

Técnicas

Forward Secrecy

NOT ON THE CURRENT EDITION
This blip is not on the current edition of the radar. If it was on one of the last few editions it is likely that it is still relevant. If the blip is older it might no longer be relevant and our assessment might be different today. Unfortunately, we simply don't have the bandwidth to continuously review blips from previous editions of the radarUnderstand more
Jan 2015
Adote?

Forward Secrecy (sometimes known as 'Perfect Forward Secrecy' or PFS) is a cryptographic technique that protects previous communications sessions even if a server’s master keys are later compromised. Despite being simple to enable for HTTPS connections, many servers are not configured this way, and we recommend enabling forward secrecy to improve security. Note that we don't generally like the word 'perfect' when used to describe cryptographic protocols -- even the best protocol can be broken by a flaw in implementation, random number generator, or by advances in cryptanalytic techniques. Even so, it is important to enable the best security available, while keeping informed of new attacks and protocol improvements.

Jul 2014
Adote?
Forward Secrecy (sometimes known as "Perfect Forward Secrecy" or PFS) is a cryptographic technique that protects previous communications sessions even if a server’s master keys are later compromised. Despite being simple to enable for HTTPS connections, many servers are not configured this way, and we recommend enabling forward secrecy to improve security. Note that we don't generally like the word "perfect" when used to describe cryptographic protocols - even the best protocol can be broken by a flaw in implementation, random number generator, or by advances in cryptanalytic techniques. Even so, it's important to enable the best security available, whilst keeping informed of new attacks and protocol improvements.