Talk:OWASP Application Security FAQ

Revision as of 10:08, 28 May 2013 by Rick.mitchell (talk | contribs) (Cache info is wrong: new section)

Jump to: navigation, search

I feel that this page/article should be renamed to "OWASP Application Security FAQ". The complete form is usually preferred in Wikipedia articles and it does make the page title more readable and probably more search engine friendly. --Varunvnair 23:19, 2 July 2006 (EDT)

Need for more questions and answers

I think more questions and answers should be included into the OWASP Application Security FAQ. This requires contribution from other readers. If an answer needs clarification, please mention it in 'Discussion'.

SSL Could Use a Refresh

The "SSL" sections here are getting pretty dated. For example, there's no mention of "AES" or "SHA1" and the only mentioned symmetric key bit lengths are 40 and 128. Jlampe 09:35, 23 February 2009 (EST)

MD5 Password Hashing

The FAQ talks about hashing passwords with MD5. I believe bcrypt is the current accepted standard. Ryan Dewhurst 22:02, 22 March 2013 (GMT)

Cache info is wrong

"If a webpage is delivered using SSL, no content can be cached."

That's just totally wrong. I use Firefox to diagnose caching issues with SSL content all the time. Rick.mitchell 15:08, 28 May 2013 (UTC)