gaja-group
/
server-configs-nginx
mirror of https://github.com/h5bp/server-configs-nginx
2
0
Fork 0
Code Issues Releases Wiki Activity

Improve writing 

[ci skip]
This commit is contained in:
Léo Colombaro 2020-12-29 18:22:16 +01:00 committed by GitHub
parent 18d933c256
commit f0b3fd25ce
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 4 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
h5bp/ssl/policy_modern.conf
View File

@ -5,7 +5,7 @@
# For services that want to be on the bleeding edge, the parameters below # For services that want to be on the bleeding edge, the parameters below
# sacrifice compatibility for the highest level of security and performance. # sacrifice compatibility for the highest level of security and performance.
# #
# (!) TLSv1.3 and it's 0-RTT feature require NGINX >=1.15.4 and OpenSSL >=1.1.1 # (!) TLSv1.3 and its 0-RTT feature require NGINX >=1.15.4 and OpenSSL >=1.1.1
# to be installed. # to be installed.
# #
# (!) Don't enable `ssl_early_data` blindly! Requests sent within early data are # (!) Don't enable `ssl_early_data` blindly! Requests sent within early data are
@ -23,8 +23,9 @@
# #
# (!) Requests sent within early data are subject to replay attacks. # (!) Requests sent within early data are subject to replay attacks.
# To protect against such attacks at the application layer, the # To protect against such attacks at the application layer, the
# $ssl_early_data variable should be used: # `$ssl_early_data` variable should be used:
# proxy_set_header Early-Data $ssl_early_data; #
# proxy_set_header Early-Data $ssl_early_data;
# #
# The application should return response code 425 "Too Early" for anything # The application should return response code 425 "Too Early" for anything
# that could contain user supplied data. # that could contain user supplied data.