AWS AmazonCloudFront medium security documentation change
Summary
Removed secp384r1 from allowed ECDSA curves for trust store certificates
Security assessment
Reduces supported cryptographic algorithms, potentially addressing vulnerabilities in elliptic curve cryptography (e.g., weakening older algorithms)
Diff
diff --git a/AmazonCloudFront/latest/DeveloperGuide/trust-stores-certificate-management.md b/AmazonCloudFront/latest/DeveloperGuide/trust-stores-certificate-management.md index b3f87e5a6..592bccb10 100644 --- a//AmazonCloudFront/latest/DeveloperGuide/trust-stores-certificate-management.md +++ b//AmazonCloudFront/latest/DeveloperGuide/trust-stores-certificate-management.md @@ -55 +55 @@ Trust stores have specific requirements for the CA certificates they contain: - * ECDSA: secp256r1, secp384r1 + * ECDSA: secp256r1