Unverified Commit d7c5616d authored by Aki Braun

Add a little more brainstorming from part 1

parent 7abf08bb
+6 −0
@@ -35,6 +35,12 @@ does split tunneling pose a security threat relevant to this document? maybe in
- unauthorised collection of PII by client
- unauthorised filtering or tampering of traffic (mitm)

common CVE: auth bypass

- De-anonymize using stuff in the unencrypted header that is unique to user
  - Document the purpose of each field and whether or not it could be used to identify the user, by itself or in combination with other fields
  - Reduce the number of fields to the point where they cannot uniquely identify more than 1% of the total users? (or zero fields)

## 5.3 [KEV] Known exploitable vulnerabilities

## 5.4 [CONFIG] Configuration
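
Review bot: the added line "common CVE: auth bypass" sits as a bare paragraph between the threat bullets and the de-anonymization item, with no list marker and nothing saying what it applies to. Make it a bullet like its neighbours, or move it under "## 5.3 [KEV] Known exploitable vulnerabilities", which follows directly and has no content in this hunk. In the last sub-bullet, "cannot uniquely identify more than 1% of the total users" can be read two ways: that at most 1% of users end up unique, or that any combination of field values must be shared by some minimum share of users. State which one is meant, and whether the check covers fields in combination as the previous sub-bullet asks, so the requirement can be tested. The trailing "(or zero fields)" reads as a separate option and would be clearer as its own sub-bullet.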