api-guidelines icon indicating copy to clipboard operation
api-guidelines copied to clipboard
verified publisher icon bcgov

General Comments

Open DaveGFord opened this issue 6 years ago • 1 comments

The Bulk Dataset via API indicates three (3) guidelines/considerations. One of which is “small datasets”. A lot of data requests call for larger segments of data, so I’d like to see a section reference larger datasets via API’s.

API Security section – Secure Data in Transit references enabling TLS version 1.2. I know last year(?) we had to upgrade due to TLS vulnerabilities and I think(?) we moved to TLS 1.2 however there’s a transcript collision (SLOTH) in 1.2. Should we be forward-looking and recommend the build of API’s that leverage TLS 1.3?

Other than that I think this is a very well written guide.

DaveGFord avatar Aug 07 '19 19:08 DaveGFord

Thank you for your comment! A peer review was held on August 9th and we have the following feedback:

We hope we’ve answered most of your feedback through the guidelines and these answers. With respect to TLS 1.3, this is preferred, but since there are still some limitations around use of TLS 1.3, the guideline’s wording will focus on using TLS 1.2 or newer versions.

jeff-card avatar Aug 13 '19 18:08 jeff-card