AWS prescriptive-guidance documentation change
Summary
Added categorization of cryptographic algorithms into 'Preferred' and 'Acceptable' with explanatory text
Security assessment
The update clarifies security best practices by categorizing cryptographic algorithms, helping users prioritize secure configurations. While this enhances security guidance, there is no explicit mention of addressing a specific vulnerability or incident.
Diff
diff --git a/prescriptive-guidance/latest/encryption-best-practices/aws-cryptography-services.md b/prescriptive-guidance/latest/encryption-best-practices/aws-cryptography-services.md index f0258ced9..769e3be1f 100644 --- a//prescriptive-guidance/latest/encryption-best-practices/aws-cryptography-services.md +++ b//prescriptive-guidance/latest/encryption-best-practices/aws-cryptography-services.md @@ -38 +38,8 @@ AWS closely tracks cryptographic developments, security issues, and research res -The following tables list recommended cryptographic algorithms and their status. +The following tables summarize the cryptographic algorithms, ciphers, modes, and key sizes that AWS deploys across its services to protect your data. They should not be considered to be an exhaustive list of all cryptography options available in AWS. The algorithms fall into two categories: + + * _Preferred_ algorithms meet the AWS security and performance standards. + + * _Acceptable_ algorithms can be used for compatibility in some applications but are not preferred. + + +