
Guidance

For Deployers

  1. Use TLS — Always deploy behind TLS termination
  2. Rate limit — Add rate limiting at load balancer
  3. Monitor — Alert on unusual handshake failure rates
  4. Rotate keys — Periodic key rotation limits compromise blast radius
  5. Audit policies — Regularly review authorization rules

For Application Developers

  1. Encrypt content — Use application-layer encryption for sensitive data
  2. Validate policy — Test authorization edge cases
  3. Handle errors — Don't leak information in error messages
  4. Log security events — Track failed auth attempts
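The "Monitor" item for deployers and the "Log security events" item for developers both assume someone turns the failed-handshake log into an alert. The sliding-window detector below is an added example, not code from this repository; it assumes a constructed log format (`<timestamp> handshake peer=<addr> result=ok|fail [reason=...]`) and raises an alert when the failure ratio inside the window exceeds a threshold, naming the peer that contributed most failures so the alert can feed the rate-limiting step.

```python
"""Sliding-window monitor for handshake failure rates (added example, constructed log format)."""
from collections import Counter, deque
from datetime import datetime, timedelta

# Constructed sample log lines; the real server's log format is an assumption here.
SAMPLE_LOG = """\
2024-05-01T10:00:00Z handshake peer=10.0.0.5 result=ok
2024-05-01T10:00:01Z handshake peer=10.0.0.7 result=fail reason=bad_signature
2024-05-01T10:00:02Z handshake peer=10.0.0.7 result=fail reason=bad_signature
2024-05-01T10:00:03Z handshake peer=10.0.0.9 result=ok
2024-05-01T10:00:04Z handshake peer=10.0.0.7 result=fail reason=unknown_key
2024-05-01T10:00:05Z handshake peer=10.0.0.7 result=fail reason=unknown_key
2024-05-01T10:03:00Z handshake peer=10.0.0.5 result=ok
"""

def parse_line(line):
    """Return (timestamp, peer, succeeded) for one log line of the assumed format."""
    ts_str, _kind, *fields = line.split()
    kv = dict(f.split("=", 1) for f in fields)
    ts = datetime.strptime(ts_str, "%Y-%m-%dT%H:%M:%SZ")
    return ts, kv["peer"], kv["result"] == "ok"

class HandshakeMonitor:
    def __init__(self, window=timedelta(seconds=60), max_ratio=0.5, min_events=4):
        self.window, self.max_ratio, self.min_events = window, max_ratio, min_events
        self.events = deque()  # (ts, peer, ok) tuples still inside the window

    def observe(self, ts, peer, ok):
        """Record one handshake; return an alert dict when the window looks unusual, else None."""
        self.events.append((ts, peer, ok))
        while self.events and ts - self.events[0][0] > self.window:
            self.events.popleft()  # drop events that aged out of the window
        fails = [p for _, p, good in self.events if not good]
        ratio = len(fails) / len(self.events)
        # min_events avoids alerting on a single failure in an otherwise quiet window
        if len(self.events) >= self.min_events and ratio > self.max_ratio:
            top_peer, n = Counter(fails).most_common(1)[0]
            return {"at": ts.isoformat(), "ratio": round(ratio, 2),
                    "top_peer": top_peer, "top_peer_failures": n}
        return None

def scan(log_text, **kw):
    """Replay a log through the monitor and collect every alert it raises."""
    mon, alerts = HandshakeMonitor(**kw), []
    for line in log_text.splitlines():
        alert = mon.observe(*parse_line(line))
        if alert:
            alerts.append(alert)
    return alerts
```

In the sample, the fifth and sixth handshakes push the 60-second failure ratio above 50%, so two alerts are raised, both pointing at peer 10.0.0.7; the success three minutes later starts a fresh window and raises nothing.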

Further Reading

See design/ for protocol documentation, security rationale, and threat model.