rspec/rules/S5527/description.adoc

To establish a SSL/TLS connection not vulnerable to man-in-the-middle attacks, it's essential to make sure the server presents the right certificate. 

The certificate's hostname-specific data should match the server hostname.


It's not recommended to re-invent the wheel by implementing custom hostname verification.

TLS/SSL libraries provide built-in hostname verification functions that should be used.
Add missing rules because of approximative section names 2020-06-30 14:41:58 +02:00			`To establish a SSL/TLS connection not vulnerable to man-in-the-middle attacks, it's essential to make sure the server presents the right certificate.`
Force linebreaks 2021-02-02 15:02:10 +01:00
Add missing rules because of approximative section names 2020-06-30 14:41:58 +02:00			`The certificate's hostname-specific data should match the server hostname.`

Force linebreaks 2021-02-02 15:02:10 +01:00
Add missing rules because of approximative section names 2020-06-30 14:41:58 +02:00			`It's not recommended to re-invent the wheel by implementing custom hostname verification.`
Force linebreaks 2021-02-02 15:02:10 +01:00
Add missing rules because of approximative section names 2020-06-30 14:41:58 +02:00			`TLS/SSL libraries provide built-in hostname verification functions that should be used.`