From: Adi Kriegisch <adi@kriegisch.at>
Date: Mon, 9 Dec 2013 23:03:00 +0000 (+0100)
Subject: moved footnotes to bibtex
X-Git-Url: https://git.bettercrypto.org/ach-master.git/commitdiff_plain/83b90ccb5220ccbec0504d7f23f48c27631b9307

moved footnotes to bibtex
---

diff --git a/src/cipher_suites/choosing.tex b/src/cipher_suites/choosing.tex
index 6293a67..d76a346 100644
--- a/src/cipher_suites/choosing.tex
+++ b/src/cipher_suites/choosing.tex
@@ -15,8 +15,7 @@ the disclaimer in section \ref{section:disclaimer}).
 
 Note: There are some very weak cipher suites in every crypto library, most of
 them for historic reasons or due to legacy standards. The crypto export embargo
-is a good example 
-\footnote{\url{http://en.wikipedia.org/wiki/Export_of_cryptography_in_the_United_States}}.
+is a good example\cite{Wikipedia:ExportCipher}.
 For the following chapter support of these low-security algorithms is disabled by setting
 \texttt{!EXP:!LOW:!NULL} as part of the cipher string.
 
@@ -61,7 +60,7 @@ the security (speaking in number of bits) as the RSA host key. \todo{TODO: refer
 \textbf{Elliptic Curves}\ref{section:EllipticCurveCryptography} required by current TLS
 standards only consist of the so-called NIST-curves (\texttt{secp256r1} and
 \texttt{secp384r1}) which may be weak because the parameters that led to their generation
-weren't properly explained (by the NSA).\footnote{\url{http://safecurves.cr.yp.to/rigid.html}} \\
+weren't properly explained (by the NSA)\cite{DJBSC}. \\
 Disabling support for Elliptic Curves leads to no ephemeral key exchange being available
 for the Windows platform. When you decide to use Elliptic Curves despite the uncertainty,
 make sure to at least use the stronger curve of the two supported by all clients
diff --git a/src/security.bib b/src/security.bib
index 42cb439..baaa9e5 100644
--- a/src/security.bib
+++ b/src/security.bib
@@ -113,3 +113,24 @@
   month=may,
     url="http://www.ietf.org/rfc/rfc3526.txt",
 }
+
+@techreport{DJBSC,
+   key       = {DJB},
+   title     = {SafeCurves: choosing safe curves for elliptic-curve cryptography},
+   year      = {2013},
+   month     = Dec,
+   type      = {Technical Background},
+   url       = {http://safecurves.cr.yp.to/rigid.html},
+   note      = {Accessed 2013-12-09},
+}
+
+@techreport{Wikipedia:ExportCipher,
+   key       = {Wikipedia:ExportCipher},
+   title     = {Export of cryptography in the United States},
+   institution = I_Wikipedia,
+   year      = {2013},
+   month     = Dec,
+   type      = {Wikipedia},
+   url       = {http://en.wikipedia.org/wiki/Export_of_cryptography_in_the_United_States},
+   note      = {Accessed 2013-12-09},
+}