ach-master.git
6 years agotypo
berq [Mon, 9 Dec 2013 20:04:34 +0000 (21:04 +0100)]
typo

6 years agofix labels and references
Aaron Kaplan [Mon, 9 Dec 2013 19:43:25 +0000 (20:43 +0100)]
fix labels and references

6 years agoadd a comment about libs/OS specific issues. --> LATER
Aaron Kaplan [Mon, 9 Dec 2013 19:21:19 +0000 (20:21 +0100)]
add a comment about libs/OS specific  issues. --> LATER

6 years agoadd logos
Aaron Kaplan [Mon, 9 Dec 2013 18:56:30 +0000 (19:56 +0100)]
add logos

6 years agoreminder to contact lists for reviewing
Aaron Kaplan [Mon, 9 Dec 2013 18:53:53 +0000 (19:53 +0100)]
reminder to contact lists for reviewing

6 years agoignore .bbl, etc
Aaron Kaplan [Mon, 9 Dec 2013 18:53:04 +0000 (19:53 +0100)]
ignore .bbl, etc

6 years agodocument openvpn line length limit
cm [Mon, 9 Dec 2013 17:44:42 +0000 (18:44 +0100)]
document openvpn line length limit

6 years agoAdded Makefile targets for PDF Upload and www (pdf then upload)
Pepi Zawodsky [Sun, 8 Dec 2013 14:43:53 +0000 (15:43 +0100)]
Added Makefile targets for PDF Upload and www (pdf then upload)

6 years agobe more clear about RSA/DH and ECC
Aaron Zauner [Sat, 7 Dec 2013 20:45:16 +0000 (21:45 +0100)]
be more clear about RSA/DH and ECC

6 years agoremoved juniper section
Aaron Zauner [Sat, 7 Dec 2013 15:40:35 +0000 (16:40 +0100)]
removed juniper section

6 years agoshorten version
Aaron Zauner [Sat, 7 Dec 2013 15:25:37 +0000 (16:25 +0100)]
shorten version

6 years agoremove additional settings in ASA
Aaron Zauner [Sat, 7 Dec 2013 15:24:42 +0000 (16:24 +0100)]
remove additional settings in ASA

6 years agoadded gnupg-ecc link
Aaron Zauner [Sat, 7 Dec 2013 15:20:58 +0000 (16:20 +0100)]
added gnupg-ecc link

6 years agoreworked parts of the PGP section
Aaron Zauner [Sat, 7 Dec 2013 15:05:50 +0000 (16:05 +0100)]
reworked parts of the PGP section

6 years agoget rid of "a" :)
Aaron Zauner [Sat, 7 Dec 2013 14:56:11 +0000 (15:56 +0100)]
get rid of "a" :)

6 years agobe more consice
Aaron Zauner [Sat, 7 Dec 2013 14:55:06 +0000 (15:55 +0100)]
be more consice

6 years agos/sesion/session
Aaron Zauner [Sat, 7 Dec 2013 14:49:31 +0000 (15:49 +0100)]
s/sesion/session

6 years agofixed \url
Aaron Zauner [Sat, 7 Dec 2013 14:47:32 +0000 (15:47 +0100)]
fixed \url

6 years agoGPG: no more engrish
Aaron Zauner [Sat, 7 Dec 2013 14:42:05 +0000 (15:42 +0100)]
GPG: no more engrish

6 years agos_client -> s\_client.
Aaron Kaplan [Fri, 6 Dec 2013 21:16:07 +0000 (22:16 +0100)]
s_client -> s\_client.
"_" (underscore has a meaning in TeX)

6 years agoWhoops, actually forgot to mention OpenSSL s_client in the command line tools section.
Pepi Zawodsky [Fri, 6 Dec 2013 20:14:14 +0000 (21:14 +0100)]
Whoops, actually forgot to mention OpenSSL s_client in the command line tools section.

6 years agoMerge branch 'master' of https://git.bettercrypto.org/ach-master
Pepi Zawodsky [Fri, 6 Dec 2013 20:12:19 +0000 (21:12 +0100)]
Merge branch 'master' of https://git.bettercrypto.org/ach-master

6 years agoAdded more links in the tools section and restructured into via-web-tests for servers...
Pepi Zawodsky [Fri, 6 Dec 2013 20:12:16 +0000 (21:12 +0100)]
Added more links in the tools section and restructured into via-web-tests for servers, client tests, command line tools and Guides with best practice recommendations.x

6 years agovpn: removed typos
Aaron Zauner [Fri, 6 Dec 2013 20:10:24 +0000 (21:10 +0100)]
vpn: removed typos

6 years agoproxy_solutions: changed wording, removed spelling mistakes/typos
Aaron Zauner [Fri, 6 Dec 2013 20:09:07 +0000 (21:09 +0100)]
proxy_solutions: changed wording, removed spelling mistakes/typos

6 years agomake this more sub :p
Aaron Zauner [Fri, 6 Dec 2013 20:04:21 +0000 (21:04 +0100)]
make this more sub :p

6 years agochanged wording in mailserver, split mailserver and ssh in two files
Aaron Zauner [Fri, 6 Dec 2013 20:03:06 +0000 (21:03 +0100)]
changed wording in mailserver, split mailserver and ssh in two files

6 years agoipmi: changed wording
Aaron Zauner [Fri, 6 Dec 2013 19:54:41 +0000 (20:54 +0100)]
ipmi: changed wording

6 years agoGPG: changed wording, fixed spelling,..
Aaron Zauner [Fri, 6 Dec 2013 19:52:09 +0000 (20:52 +0100)]
GPG: changed wording, fixed spelling,..

6 years agociphersuites: changed wording
Aaron Zauner [Fri, 6 Dec 2013 19:35:06 +0000 (20:35 +0100)]
ciphersuites: changed wording

6 years agociphersuites: removed typos, changed spelling, added references
Aaron Zauner [Fri, 6 Dec 2013 19:23:13 +0000 (20:23 +0100)]
ciphersuites: removed typos, changed spelling, added references

6 years agoPKIs: added references, changed wording
Aaron Zauner [Fri, 6 Dec 2013 19:09:57 +0000 (20:09 +0100)]
PKIs: added references, changed wording

6 years agomethods: added references, changed wording
Aaron Zauner [Fri, 6 Dec 2013 18:53:01 +0000 (19:53 +0100)]
methods: added references, changed wording

6 years agodisclaimer: changed wording, added references to mentioned sections
Aaron Zauner [Fri, 6 Dec 2013 18:43:28 +0000 (19:43 +0100)]
disclaimer: changed wording, added references to mentioned sections

6 years agochange wording, add references
Aaron Zauner [Fri, 6 Dec 2013 18:37:14 +0000 (19:37 +0100)]
change wording, add references

6 years agoAdded Texted nginx setting
Pepi Zawodsky [Fri, 6 Dec 2013 17:55:45 +0000 (18:55 +0100)]
Added Texted nginx setting

6 years agoMerge branch 'master' of https://git.bettercrypto.org/ach-master
Pepi Zawodsky [Fri, 6 Dec 2013 17:53:38 +0000 (18:53 +0100)]
Merge branch 'master' of https://git.bettercrypto.org/ach-master

6 years agoExperimental epub support
Pepi Zawodsky [Fri, 6 Dec 2013 17:53:28 +0000 (18:53 +0100)]
Experimental epub support

6 years agoFix typos
Ralf Schlatterbeck [Fri, 6 Dec 2013 17:36:55 +0000 (18:36 +0100)]
Fix typos

6 years agoadded ASA references, removed TODOs
Aaron Zauner [Fri, 6 Dec 2013 17:31:33 +0000 (18:31 +0100)]
added ASA references, removed TODOs

6 years agoMerge branch 'master' of https://git.bettercrypto.org/ach-master
Ralf Schlatterbeck [Fri, 6 Dec 2013 17:18:57 +0000 (18:18 +0100)]
Merge branch 'master' of https://git.bettercrypto.org/ach-master

6 years agoStart with BiBTeX (RNG section converted)
Ralf Schlatterbeck [Fri, 6 Dec 2013 17:15:03 +0000 (18:15 +0100)]
Start with BiBTeX (RNG section converted)

Add new bibtex style alphalink.bst (this one can handle an URL parameter
in the bibtex entry and puts the url into a hyperref in the bibtex
label). I've written this style myself (by modifying one of the standard
bibtex styles).

6 years agoAdd a section over ejabberd and OTR
David Durvaux [Fri, 6 Dec 2013 16:50:30 +0000 (17:50 +0100)]
Add a section over ejabberd and OTR

6 years agocommented out the section on ssl libraries, not sure if it is in scope .. also: no...
Aaron Zauner [Thu, 5 Dec 2013 18:44:18 +0000 (19:44 +0100)]
commented out the section on ssl libraries, not sure if it is in scope .. also: no contributions that we can use in the paper

6 years agoMerge branch 'master' of https://git.bettercrypto.org/ach-master
Aaron Zauner [Thu, 5 Dec 2013 13:29:59 +0000 (14:29 +0100)]
Merge branch 'master' of https://git.bettercrypto.org/ach-master

6 years agoadded information for github users to README.md
Aaron Zauner [Thu, 5 Dec 2013 13:29:55 +0000 (14:29 +0100)]
added information for github users to README.md

6 years agoAdd Daniel to reviewers (if not co-authors)
Aaron Kaplan [Wed, 4 Dec 2013 23:14:00 +0000 (00:14 +0100)]
Add Daniel to reviewers (if not co-authors)

6 years agoupdate IPSEC section to new config a/b
cm [Wed, 4 Dec 2013 16:54:49 +0000 (17:54 +0100)]
update IPSEC section to new config a/b

6 years agoadded netcraft link on PFS to PFS section
Aaron Zauner [Wed, 4 Dec 2013 11:11:19 +0000 (12:11 +0100)]
added netcraft link on PFS to PFS section

6 years agoupdated reviewers.tex
Ulrich [Wed, 4 Dec 2013 10:56:32 +0000 (11:56 +0100)]
updated reviewers.tex

6 years agono downgrade attacks on ipsec
cm [Wed, 4 Dec 2013 10:34:58 +0000 (11:34 +0100)]
no downgrade attacks on ipsec

6 years agoadded nginx "test with" debian version
cm [Wed, 4 Dec 2013 10:32:54 +0000 (11:32 +0100)]
added nginx "test with" debian version

6 years agoshorten section title, make clear what is meant by SSL/TLS in the ASA section
Aaron Zauner [Tue, 3 Dec 2013 21:04:47 +0000 (22:04 +0100)]
shorten section title, make clear what is meant by SSL/TLS in the ASA section

6 years agoeasy-rsa can do 4096bit keys, been there done that, we should recommend it for VPNs
Aaron Zauner [Tue, 3 Dec 2013 21:02:57 +0000 (22:02 +0100)]
easy-rsa can do 4096bit keys, been there done that, we should recommend it for VPNs

6 years agoreorder openssh KEX algorithms by relevance of security decending
Aaron Zauner [Tue, 3 Dec 2013 20:32:16 +0000 (21:32 +0100)]
reorder openssh KEX algorithms by relevance of security decending

6 years agocorrect nomenclature on galloi counter mode
Aaron Zauner [Tue, 3 Dec 2013 20:18:52 +0000 (21:18 +0100)]
correct nomenclature on galloi counter mode

6 years agoadded openssh ServerKeyBits (set to 4096)
Aaron Zauner [Tue, 3 Dec 2013 17:40:05 +0000 (18:40 +0100)]
added openssh ServerKeyBits (set to 4096)

6 years agonsa does not get credits!
Aaron Zauner [Tue, 3 Dec 2013 15:47:57 +0000 (16:47 +0100)]
nsa does not get credits!

6 years agoMerge branch 'master' of https://git.bettercrypto.org/ach-master
Aaron Zauner [Tue, 3 Dec 2013 15:40:47 +0000 (16:40 +0100)]
Merge branch 'master' of https://git.bettercrypto.org/ach-master

6 years agoadd acknowledgement section
Aaron Zauner [Tue, 3 Dec 2013 15:40:46 +0000 (16:40 +0100)]
add acknowledgement section

6 years agopush the notes for the next steps
Aaron Kaplan [Mon, 2 Dec 2013 22:51:07 +0000 (23:51 +0100)]
push the notes for the next steps

6 years agotweak cipher string variant B
Aaron Kaplan [Mon, 2 Dec 2013 22:40:14 +0000 (23:40 +0100)]
tweak cipher string variant B

6 years agoitemize
Aaron Kaplan [Mon, 2 Dec 2013 22:40:05 +0000 (23:40 +0100)]
itemize

6 years agocomment out an old section which we simply kept before since it has a nice table...
Aaron Kaplan [Mon, 2 Dec 2013 20:44:09 +0000 (21:44 +0100)]
comment out an old section which we simply kept before since it has a nice table formatting example.

6 years agonarrow down scope a bit
Aaron Kaplan [Mon, 2 Dec 2013 20:33:52 +0000 (21:33 +0100)]
narrow down scope a bit

6 years agoremove the paragraph about NIST
Aaron Kaplan [Mon, 2 Dec 2013 20:30:46 +0000 (21:30 +0100)]
remove the paragraph about NIST

6 years agoMerge branch 'master' of https://git.bettercrypto.org/ach-master
Aaron Zauner [Mon, 2 Dec 2013 20:06:53 +0000 (21:06 +0100)]
Merge branch 'master' of https://git.bettercrypto.org/ach-master

6 years agoadded subsection text and justification for Cisco ASA
Aaron Zauner [Mon, 2 Dec 2013 20:06:47 +0000 (21:06 +0100)]
added subsection text and justification for Cisco ASA

6 years agoMerge branch 'master' of https://git.bettercrypto.org/ach-master
Aaron Kaplan [Mon, 2 Dec 2013 20:04:19 +0000 (21:04 +0100)]
Merge branch 'master' of https://git.bettercrypto.org/ach-master

6 years agoalso put the presentation into git
Aaron Kaplan [Mon, 2 Dec 2013 20:00:06 +0000 (21:00 +0100)]
also put the presentation into git

6 years agomake sure that every "make pdf" re-generates the git info in the
Aaron Kaplan [Mon, 2 Dec 2013 19:58:41 +0000 (20:58 +0100)]
make sure that every "make pdf" re-generates the git info in the
pages' footer

6 years agoImproved Markdown Formatting of FAQ
Pepi Zawodsky [Mon, 2 Dec 2013 19:57:07 +0000 (20:57 +0100)]
Improved Markdown Formatting of FAQ

6 years agoImproved Markdown Formatting of README
Pepi Zawodsky [Mon, 2 Dec 2013 19:54:08 +0000 (20:54 +0100)]
Improved Markdown Formatting of README

6 years agoremark on the strength of 3DES
Aaron Kaplan [Mon, 2 Dec 2013 19:38:49 +0000 (20:38 +0100)]
remark on the strength of 3DES

6 years agowhite paper -> "guide"
Aaron Kaplan [Mon, 2 Dec 2013 19:38:19 +0000 (20:38 +0100)]
white paper -> "guide"

6 years agoadd a section on how to read this guide
Aaron Kaplan [Mon, 2 Dec 2013 19:38:00 +0000 (20:38 +0100)]
add a section on how to read this guide

6 years agoadd Berg San . Thanks for the DB section
Aaron Kaplan [Mon, 2 Dec 2013 17:52:51 +0000 (18:52 +0100)]
add Berg San . Thanks for the DB section

6 years agofix one todo from disclaimer.tex
Aaron Kaplan [Mon, 2 Dec 2013 11:08:39 +0000 (12:08 +0100)]
fix one todo from disclaimer.tex

6 years agorewrite openvpn section according to TODOs
cm [Sat, 30 Nov 2013 23:42:36 +0000 (00:42 +0100)]
rewrite openvpn section according to TODOs

6 years agoRemoved add_header X-Frame-Options DENY by suggestion of Christian Mock since it...
Pepi Zawodsky [Fri, 29 Nov 2013 18:52:19 +0000 (19:52 +0100)]
Removed add_header X-Frame-Options DENY by suggestion of Christian Mock since it is security- but not crypto related.

6 years agoFix typo (thanks to Adi)
Ralf Schlatterbeck [Fri, 29 Nov 2013 10:37:07 +0000 (11:37 +0100)]
Fix typo (thanks to Adi)

6 years agoCorrected misspelled namex
Pepi Zawodsky [Thu, 28 Nov 2013 14:36:36 +0000 (15:36 +0100)]
Corrected misspelled namex

6 years agominor formatting of a footnote: { } was missing
Aaron Kaplan [Thu, 28 Nov 2013 14:26:10 +0000 (15:26 +0100)]
minor formatting of a footnote: { } was missing

6 years agoadded section RNGs which was written by Ralf Schlatterbeck.
Aaron Kaplan [Thu, 28 Nov 2013 14:23:46 +0000 (15:23 +0100)]
added section RNGs which was written by Ralf Schlatterbeck.
Pls. review

6 years agoAdded nginx settings for DH parameters recommending at least the same bit length...
Pepi Zawodsky [Thu, 28 Nov 2013 13:13:15 +0000 (14:13 +0100)]
Added nginx settings for DH parameters recommending at least the same bit length as the RSA key used. Like Apache 2.4 implicily handles this.

6 years agonginx does't allow ssl_protocols to be excluded, only to be included. Our given examp...
Pepi Zawodsky [Thu, 28 Nov 2013 13:01:15 +0000 (14:01 +0100)]
nginx does't allow ssl_protocols to be excluded, only to be included. Our given example would be better but does not actually work in nginx (1.4.4, current stable as of 2013-11-28 14:00 CET). Corrected example to a working syntax.

6 years agoChanges nginx ECC curve selection example to the least-bad but actually widely suppor...
Pepi Zawodsky [Thu, 28 Nov 2013 12:58:15 +0000 (13:58 +0100)]
Changes nginx ECC curve selection example to the least-bad but actually widely supported curve which is secp384r1. The former sectk571k1 (Koblitz curve) would be a lot better, but is supported almost nowhere.

6 years agoinital introduction to the ssl libs section
Adi Kriegisch [Wed, 27 Nov 2013 15:02:57 +0000 (16:02 +0100)]
inital introduction to the ssl libs section

6 years agoapplied Berg San's patch from the mailing list as of 2013/11/26 19:23 UTC+2
Aaron Kaplan [Tue, 26 Nov 2013 19:19:12 +0000 (20:19 +0100)]
applied Berg San's patch from the mailing list as of 2013/11/26 19:23 UTC+2
+ Minor formatting improvement

6 years agoSplitting Cipher Suites section in multiple files
David Durvaux [Tue, 26 Nov 2013 17:05:56 +0000 (18:05 +0100)]
Splitting Cipher Suites section in multiple files

6 years agomodified crypto map to reflect cipher settings
Aaron Zauner [Tue, 26 Nov 2013 14:41:14 +0000 (15:41 +0100)]
modified crypto map to reflect cipher settings

6 years agoadded Cisco ASA IPsec + SSL VPN Settings
Aaron Zauner [Tue, 26 Nov 2013 13:57:05 +0000 (14:57 +0100)]
added Cisco ASA IPsec + SSL VPN Settings

6 years agoadded list on DH groups and bit security
Aaron Zauner [Tue, 26 Nov 2013 13:39:48 +0000 (14:39 +0100)]
added list on DH groups and bit security

6 years agoforgot a '"' while including "./practical_settings/proxy_solutions.tex" via \input{}
Aaron Kaplan [Tue, 26 Nov 2013 10:41:03 +0000 (11:41 +0100)]
forgot a '"' while including "./practical_settings/proxy_solutions.tex" via \input{}

6 years agofixes after practical settings refactoring
Wolfgang Breyha [Tue, 26 Nov 2013 10:32:42 +0000 (11:32 +0100)]
fixes after practical settings refactoring

6 years agoAdd missing files
David Durvaux [Tue, 26 Nov 2013 08:16:11 +0000 (09:16 +0100)]
Add missing files

6 years agoRefactor practical_settings to spli subsection in files
David Durvaux [Tue, 26 Nov 2013 06:19:44 +0000 (07:19 +0100)]
Refactor practical_settings to spli subsection in files

6 years agorephrasing
Aaron Kaplan [Tue, 26 Nov 2013 00:25:56 +0000 (01:25 +0100)]
rephrasing

6 years ago\newpage before a new section
Aaron Kaplan [Tue, 26 Nov 2013 00:23:50 +0000 (01:23 +0100)]
\newpage before a new section
erphrase abstract

6 years agoadd \newpage
Aaron Kaplan [Tue, 26 Nov 2013 00:11:54 +0000 (01:11 +0100)]
add \newpage