AWS elasticloadbalancing documentation change
Summary
Updated terminology from 'ELB' to 'Elastic Load Balancing' throughout the document and added a period to separate sentences in the cipher recommendation section.
Security assessment
Changes are purely branding/terminology updates (ELB → Elastic Load Balancing) and minor punctuation fixes. No modifications to security protocols, cipher recommendations, or vulnerability guidance. The existing security recommendations about cipher usage remain unchanged.
Diff
diff --git a/elasticloadbalancing/latest/classic/elb-ssl-security-policy.md b/elasticloadbalancing/latest/classic/elb-ssl-security-policy.md index f0e599016..2afffc821 100644 --- a//elasticloadbalancing/latest/classic/elb-ssl-security-policy.md +++ b//elasticloadbalancing/latest/classic/elb-ssl-security-policy.md @@ -9 +9 @@ Security policiesSSL protocolsServer Order PreferenceSSL ciphersCipher suite for -ELB uses a Secure Socket Layer (SSL) negotiation configuration, known as a _security policy_ , to negotiate SSL connections between a client and the load balancer. A security policy is a combination of SSL protocols, SSL ciphers, and the Server Order Preference option. For more information about configuring an SSL connection for your load balancer, see [Listeners for your Classic Load Balancer](./elb-listener-config.html). +Elastic Load Balancing uses a Secure Socket Layer (SSL) negotiation configuration, known as a _security policy_ , to negotiate SSL connections between a client and the load balancer. A security policy is a combination of SSL protocols, SSL ciphers, and the Server Order Preference option. For more information about configuring an SSL connection for your load balancer, see [Listeners for your Classic Load Balancer](./elb-listener-config.html). @@ -48 +48 @@ The _SSL protocol_ establishes a secure connection between a client and a server -Secure Sockets Layer (SSL) and Transport Layer Security (TLS) are cryptographic protocols that are used to encrypt confidential data over insecure networks such as the internet. The TLS protocol is a newer version of the SSL protocol. In the ELB documentation, we refer to both SSL and TLS protocols as the SSL protocol. +Secure Sockets Layer (SSL) and Transport Layer Security (TLS) are cryptographic protocols that are used to encrypt confidential data over insecure networks such as the internet. The TLS protocol is a newer version of the SSL protocol. In the Elastic Load Balancing documentation, we refer to both SSL and TLS protocols as the SSL protocol. @@ -60 +60 @@ If you previously enabled the SSL 2.0 protocol in a custom policy, we recommend -ELB supports the _Server Order Preference_ option for negotiating connections between a client and a load balancer. During the SSL connection negotiation process, the client and the load balancer present a list of ciphers and protocols that they each support, in order of preference. By default, the first cipher on the client's list that matches any one of the load balancer's ciphers is selected for the SSL connection. If the load balancer is configured to support Server Order Preference, then the load balancer selects the first cipher in its list that is in the client's list of ciphers. This ensures that the load balancer determines which cipher is used for SSL connection. If you do not enable Server Order Preference, the order of ciphers presented by the client is used to negotiate connections between the client and the load balancer. +Elastic Load Balancing supports the _Server Order Preference_ option for negotiating connections between a client and a load balancer. During the SSL connection negotiation process, the client and the load balancer present a list of ciphers and protocols that they each support, in order of preference. By default, the first cipher on the client's list that matches any one of the load balancer's ciphers is selected for the SSL connection. If the load balancer is configured to support Server Order Preference, then the load balancer selects the first cipher in its list that is in the client's list of ciphers. This ensures that the load balancer determines which cipher is used for SSL connection. If you do not enable Server Order Preference, the order of ciphers presented by the client is used to negotiate connections between the client and the load balancer. @@ -68 +68 @@ Note that a certificate provided by AWS Certificate Manager (ACM) contains an RS -ELB supports the following ciphers for use with Classic Load Balancers. A subset of these ciphers are used by the predefined SSL policies. All of these ciphers are available for use in a custom policy. We recommend that you use only the ciphers included in the default security policy (those with an asterisk). Many of the other ciphers are not secure and should be used at your own risk. +Elastic Load Balancing supports the following ciphers for use with Classic Load Balancers. A subset of these ciphers are used by the predefined SSL policies. All of these ciphers are available for use in a custom policy. We recommend that you use only the ciphers included in the default security policy (those with an asterisk). Many of the other ciphers are not secure and should be used at your own risk.