Passa al contenuto principale

16. References (Riferimenti)

16.1. Normative References (Riferimenti Normativi)

  • [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, marzo 1997.

  • [RFC2616] Fielding, R., Gettys, J., Mogul, J., Frystyk, H., Masinter, L., Leach, P. e T. Berners-Lee, "Hypertext Transfer Protocol -- HTTP/1.1", RFC 2616, giugno 1999.

  • [RFC3490] Faltstrom, P., Hoffman, P. e A. Costello, "Internationalizing Domain Names in Applications (IDNA)", RFC 3490, marzo 2003.

  • [RFC3986] Berners-Lee, T., Fielding, R. e L. Masinter, "Uniform Resource Identifier (URI): Generic Syntax", STD 66, RFC 3986, gennaio 2005.

  • [RFC5246] Dierks, T. e E. Rescorla, "The Transport Layer Security (TLS) Protocol Version 1.2", RFC 5246, agosto 2008.

  • [RFC5890] Klensin, J., "Internationalized Domain Names for Applications (IDNA): Definitions and Document Framework", RFC 5890, agosto 2010.

  • [RFC5891] Klensin, J., "Internationalized Domain Names in Applications (IDNA): Protocol", RFC 5891, agosto 2010.

  • [UTS46] Davis, M. e M. Suignard, "Unicode IDNA Compatibility Processing", Unicode Technical Standards # 46, giugno 2012, <http://unicode.org/reports/tr46/>.

16.2. Informative References (Riferimenti Informativi)

  • [Defeating-SSL] Marlinspike, M., "New Tricks for Defeating SSL in Practice", febbraio 2009, <http://www.blackhat.com/presentations/bh-dc-09/Marlinspike/BlackHat-DC-09-Marlinspike-Defeating-SSL.pdf>.

  • [ForceHTTPS] Jackson, C. e A. Barth, "ForceHTTPS: Protecting High-Security Web Sites from Network Attacks", maggio 2008, <http://www.collinjackson.com/research/papers/forcehttps.pdf>.

  • [OWASP-TLSGuide] OWASP, "Transport Layer Protection Cheat Sheet", <https://www.owasp.org/index.php/Transport_Layer_Protection_Cheat_Sheet>.

  • [RFC2246] Dierks, T. e C. Allen, "The TLS Protocol Version 1.0", RFC 2246, gennaio 1999.

  • [RFC2818] Rescorla, E., "HTTP Over TLS", RFC 2818, maggio 2000.

  • [RFC3864] Klyne, G., Nottingham, M. e J. Mogul, "Registration Procedures for Message Header Fields", BCP 90, RFC 3864, settembre 2004.

  • [RFC4033] Arends, R., Austein, R., Larson, M., Massey, D. e S. Rose, "DNS Security Introduction and Requirements", RFC 4033, marzo 2005.

  • [RFC4346] Dierks, T. e E. Rescorla, "The Transport Layer Security (TLS) Protocol Version 1.1", RFC 4346, aprile 2006.

  • [RFC5226] Narten, T. e H. Alvestrand, "Guidelines for Writing an IANA Considerations Section in RFCs", BCP 26, RFC 5226, maggio 2008.

  • [RFC5894] Klensin, J., "Internationalized Domain Names for Applications (IDNA): Background, Explanation, and Rationale", RFC 5894, agosto 2010.

  • [RFC5895] Resnick, P. e P. Hoffman, "Mapping Characters for Internationalized Domain Names in Applications (IDNA) 2008", RFC 5895, settembre 2010.

  • [RFC6101] Freier, A., Karlton, P. e P. Kocher, "The Secure Sockets Layer (SSL) Protocol Version 3.0", RFC 6101, agosto 2011.

  • [RFC6698] Hoffman, P. e J. Schlyter, "The DNS-Based Authentication of Named Entities (DANE) Transport Layer Security (TLS) Protocol: TLSA", RFC 6698, agosto 2012.

  • [RFC7525] Sheffer, Y., Holz, R. e P. Saint-Andre, "Recommendations for Secure Use of Transport Layer Security (TLS) and Datagram Transport Layer Security (DTLS)", BCP 195, RFC 7525, maggio 2015.

  • [W3C.REC-wsc-ui-20100812] Saldhana, T. e T. Roessler, "Web Security Context: User Interface Guidelines", World Wide Web Consortium Recommendation REC-wsc-ui-20100812, agosto 2010, <http://www.w3.org/TR/2010/REC-wsc-ui-20100812>.

  • [WebAppSec] Johns, M., "Securing Web Applications with Structured Policies", tesi di dottorato, University of Passau, dicembre 2009.

Ultimo aggiornamento il