Difference between revisions of "Vt32-HTTP"

Line 59: Line 59:
 
== Technical ==
 
== Technical ==
  
== Examples ==
+
To fulfill the requirements for public web services (Procuts may expose their services to the Internet), only TLS (HTTPS) connections can be established from outer networks by default (depends on product).
  
 +
The HTTPS Web Server supports
 +
*TLSv1.1
 +
*TLSv1.2
 +
*TLSv1.3
 +
*Diffie-Hellman (DHE) Size 2048 bits
 +
*Elliptic Curves
 +
**P-384 (secp384r1) (384 bits)
 +
**P-256 (prime256v1) (256 bits)
 +
**X25519 (253 bits)
 +
Additionally, the implementations have been proven to be immune against the most common TLS vulnerabilities ²
 +
*POODLE over TLS
 +
*GOLDENDOODLE
 +
*Zombie POODLE
 +
*Sleeping POODLE
 +
*0-Length OpenSSL
 +
*client-initiated insecure renegotiation.
 +
*ROBOT
 +
*Heartbleed
 +
*CVE-2016-2107
 +
*CVE-2014-0224 CCS Injection.
 +
*CVE-2021-3449 OpenSSL Maliciously Crafted Renegotiation Vulnerability
  
<shl class="mw-collapsible mw-collapsed">
+
²: Tested on reference platform, may vary by used security patches and frameworks
return;
 
  
</shl>
 
  
 
== See also ==
 
== See also ==
 
* [[Extensible Services Server]]
 
* [[Extensible Services Server]]
 +
* [[SignMatic]]
  
[[Category:Building Safety]]
 
[[Category:Alarms]]
 
 
[[Category:Extensible Services Server]]
 
[[Category:Extensible Services Server]]

Revision as of 04:06, 9 March 2023

Integrated Vitw-32


No image

Developer Netroda Technologies
Type Application Library
Initial Release 2017
Platform Extensible Services / Server for Interaction

Integrated Vitw-32 Vt32-HTTP is the main Web Server assembly used by various products of the ES/S-i Family. Products include SignMatic and more.

Overview

Integrated Vitw-32 (Vitd-Windows-32) is a minimalistic, robust and memory-effective HTTP(S) Server for the ES/S-i platform. Features include

  • Core-integrated CORS
  • Sessions
  • TLS
  • Mime-handlers
  • HTTP GET/POST
  • WebSocket

Technical

To fulfill the requirements for public web services (Procuts may expose their services to the Internet), only TLS (HTTPS) connections can be established from outer networks by default (depends on product).

The HTTPS Web Server supports

  • TLSv1.1
  • TLSv1.2
  • TLSv1.3
  • Diffie-Hellman (DHE) Size 2048 bits
  • Elliptic Curves
    • P-384 (secp384r1) (384 bits)
    • P-256 (prime256v1) (256 bits)
    • X25519 (253 bits)

Additionally, the implementations have been proven to be immune against the most common TLS vulnerabilities ²

  • POODLE over TLS
  • GOLDENDOODLE
  • Zombie POODLE
  • Sleeping POODLE
  • 0-Length OpenSSL
  • client-initiated insecure renegotiation.
  • ROBOT
  • Heartbleed
  • CVE-2016-2107
  • CVE-2014-0224 CCS Injection.
  • CVE-2021-3449 OpenSSL Maliciously Crafted Renegotiation Vulnerability

²: Tested on reference platform, may vary by used security patches and frameworks


See also