1 \chapter{Further research}
2 \label{cha:further-research}
3 The following is a list of services, software packages, hardware devices or protocols that we considered documenting but either did not manage to document yet or might be able to document later. We encourage input from the Internet community.
7 \item whatsapp (might be problematic\\ since a user/admin can't change anything)
9 \item Skype (might be problematic since a user/admin can't change anything)
10 \item Wi-Fi APs, 802.1X
14 \item DNSSec (mention BCPs)
17 \item S/Mime (check are there any BCPs? )
18 \item TrueCrypt, LUKS, FileVault
27 \item Commerical network equipment vendors
29 \item Moxa , APC, und co... ICS . Ethernet to serial
30 \item telnet (only sensible reocmmendation: \emph{DON't!!})
32 \item v6 spoofing (look at work by Ferndo Gont, Marc Heuse, et. al.)
39 \item webmin (probably the same recommendations as with Apache apply, but where does that need to be configured?)
40 \item plesk (same as webmin)
41 \item phpmyadmin (same as webmin)
42 \item DSL modems (where to start?)
44 \item SAML federated auth providers \footnote{e.g., all the REFEDS folks (\url{https://refeds.org/})), including InCommon (\url{http://www.incommon.org/federation/metadata.html}
45 \url{https://wiki.shibboleth.net/confluence/display/SHIB2/TrustManagement} }
46 \item Microsoft SQL Server
52 %%% TeX-master: "applied-crypto-hardening"