ach-master.git
6 years agoMerge github.com:BetterCrypto/Applied-Crypto-Hardening
Aaron Kaplan [Mon, 23 Dec 2013 22:14:11 +0000 (23:14 +0100)]
Merge github.com:BetterCrypto/Applied-Crypto-Hardening

6 years agomove seclayer-tcp to further research theory-rewrite
Aaron Kaplan [Mon, 23 Dec 2013 22:11:25 +0000 (23:11 +0100)]
move seclayer-tcp to further research

6 years agoexclude seclayer-tcp for now. Waiting for input from A-trust
Aaron Kaplan [Mon, 23 Dec 2013 22:10:15 +0000 (23:10 +0100)]
exclude seclayer-tcp for now. Waiting for input from A-trust

6 years agomove l2tp, racoon to further research
Aaron Kaplan [Mon, 23 Dec 2013 22:07:28 +0000 (23:07 +0100)]
move l2tp, racoon to further research

6 years agoremove l2tp, racoon. No content yet
Aaron Kaplan [Mon, 23 Dec 2013 22:06:56 +0000 (23:06 +0100)]
remove l2tp, racoon. No content yet

6 years agoMerge branch 'master' of https://git.bettercrypto.org/ach-master into theory-rewrite
Aaron Kaplan [Mon, 23 Dec 2013 22:04:44 +0000 (23:04 +0100)]
Merge branch 'master' of https://git.bettercrypto.org/ach-master into theory-rewrite

6 years agocorrect the flow diagram
Aaron Kaplan [Mon, 23 Dec 2013 22:04:16 +0000 (23:04 +0100)]
correct the flow diagram

6 years agoadd sebix to reviewers. Thank you very much!!
Aaron Kaplan [Mon, 23 Dec 2013 21:46:53 +0000 (22:46 +0100)]
add sebix to reviewers. Thank you very much!!

6 years agoMerge pull request #15 from sebix/master
Aaron Zauner [Mon, 23 Dec 2013 21:44:36 +0000 (13:44 -0800)]
Merge pull request #15 from sebix/master

Practical settings: Webserver Lighttpd finished

6 years agominor layout modifications and clean-up
Eva Seidl [Mon, 23 Dec 2013 21:37:29 +0000 (22:37 +0100)]
minor layout modifications and clean-up

6 years agochange \begin{description} to subsections as in webservers, mailservers and the other...
Aaron Kaplan [Mon, 23 Dec 2013 21:27:44 +0000 (22:27 +0100)]
change \begin{description} to subsections as in webservers, mailservers and the other sections
remove cruft from empty subsections
Consider removing racoon and l2tp for now

6 years agomerging webserver.tex with upstream
sebix [Mon, 23 Dec 2013 21:26:29 +0000 (22:26 +0100)]
merging webserver.tex with upstream

6 years agoLighttpd Section finished and tested,
sebix [Mon, 23 Dec 2013 21:18:48 +0000 (22:18 +0100)]
Lighttpd Section finished and tested,
config complete, tested with 3 combos, and with explanations around :)
small addition in apache section: SSL Cert files, and required
modules

6 years agoformatting
Aaron Kaplan [Mon, 23 Dec 2013 21:07:54 +0000 (22:07 +0100)]
formatting

6 years agothe Caution warning is not neccessary anymore, we explained on the theory/overview...
Aaron Kaplan [Mon, 23 Dec 2013 20:50:33 +0000 (21:50 +0100)]
the Caution warning is not neccessary anymore, we explained on the theory/overview.tex section
why and how admins can select their own cipher suite

6 years agoMerge branch 'master' of https://git.bettercrypto.org/ach-master into theory-rewrite
Aaron Kaplan [Mon, 23 Dec 2013 20:39:53 +0000 (21:39 +0100)]
Merge branch 'master' of https://git.bettercrypto.org/ach-master into theory-rewrite

6 years agofixed all reverences now
Aaron Kaplan [Mon, 23 Dec 2013 20:39:11 +0000 (21:39 +0100)]
fixed all reverences now

6 years agoMerge branch 'master' of https://git.bettercrypto.org/ach-master
Aaron Zauner [Mon, 23 Dec 2013 20:38:44 +0000 (21:38 +0100)]
Merge branch 'master' of https://git.bettercrypto.org/ach-master

6 years agoadded how to test stuff for MTAs and moved SMTP in general section to top of mailserv...
Aaron Zauner [Mon, 23 Dec 2013 20:38:36 +0000 (21:38 +0100)]
added how to test stuff for MTAs and moved SMTP in general section to top of mailserver section

6 years agooops, subsection was a duplicate
Aaron Kaplan [Mon, 23 Dec 2013 20:33:15 +0000 (21:33 +0100)]
oops, subsection was a duplicate

6 years agomoved PKIs.tex to theory/
Aaron Kaplan [Mon, 23 Dec 2013 20:31:26 +0000 (21:31 +0100)]
moved PKIs.tex to theory/

6 years agomerging in RNGs.tex
Aaron Kaplan [Mon, 23 Dec 2013 20:29:56 +0000 (21:29 +0100)]
merging in RNGs.tex

6 years agoMerge branch 'master' of https://git.bettercrypto.org/ach-master into theory-rewrite
Aaron Kaplan [Mon, 23 Dec 2013 20:28:29 +0000 (21:28 +0100)]
Merge branch 'master' of https://git.bettercrypto.org/ach-master into theory-rewrite

Conflicts:
src/RNGs.tex

6 years agoMerge branch 'theory-rewrite'
Aaron Zauner [Mon, 23 Dec 2013 20:28:04 +0000 (21:28 +0100)]
Merge branch 'theory-rewrite'

6 years agoactually add the compatibility section. It is important
Aaron Kaplan [Mon, 23 Dec 2013 20:20:00 +0000 (21:20 +0100)]
actually add the compatibility section. It is important

6 years agofix references
Aaron Kaplan [Mon, 23 Dec 2013 20:19:33 +0000 (21:19 +0100)]
fix references

6 years agoAdded 30C3 Lightningtalk Slides PDF
Pepi Zawodsky [Mon, 23 Dec 2013 20:06:47 +0000 (21:06 +0100)]
Added 30C3 Lightningtalk Slides PDF

6 years agoNow ignoring the missing fonts log by TeX
Pepi Zawodsky [Mon, 23 Dec 2013 20:06:03 +0000 (21:06 +0100)]
Now ignoring the missing fonts log by TeX

6 years agomoved images to img/ subdir
Aaron Kaplan [Mon, 23 Dec 2013 20:02:35 +0000 (21:02 +0100)]
moved images to img/ subdir

6 years agoadd label
Aaron Kaplan [Mon, 23 Dec 2013 20:00:52 +0000 (21:00 +0100)]
add label

6 years ago@@@CIPHERSUITEB@@@ macro
Aaron Kaplan [Mon, 23 Dec 2013 19:51:00 +0000 (20:51 +0100)]
@@@CIPHERSUITEB@@@ macro

6 years agowrite the @@@CIPHERSTRINGB@@@ macro here
Aaron Kaplan [Mon, 23 Dec 2013 19:50:44 +0000 (20:50 +0100)]
write the @@@CIPHERSTRINGB@@@ macro here

6 years agofixed one todo, thanks to Florian Mendels' section
Aaron Kaplan [Mon, 23 Dec 2013 19:46:02 +0000 (20:46 +0100)]
fixed one todo, thanks to Florian Mendels' section

6 years agomove things into the theory/ subdir
Aaron Kaplan [Mon, 23 Dec 2013 19:44:08 +0000 (20:44 +0100)]
move things into the theory/ subdir

6 years ago move theory sections into theory subdir
Aaron Kaplan [Mon, 23 Dec 2013 19:31:45 +0000 (20:31 +0100)]
 move theory sections into theory subdir

6 years agomove .tex files into the theory subdirectory
Aaron Kaplan [Mon, 23 Dec 2013 19:31:15 +0000 (20:31 +0100)]
move .tex files into the theory subdirectory

6 years agoremove .out file
Aaron Kaplan [Mon, 23 Dec 2013 19:30:53 +0000 (20:30 +0100)]
remove .out file

6 years agoRNG epigraph
Aaron Zauner [Mon, 23 Dec 2013 18:33:48 +0000 (19:33 +0100)]
RNG epigraph

6 years agotypo
Aaron Kaplan [Mon, 23 Dec 2013 18:24:04 +0000 (19:24 +0100)]
typo

6 years agotypo
Aaron Kaplan [Mon, 23 Dec 2013 18:08:32 +0000 (19:08 +0100)]
typo

6 years agoreminder of a todo
Aaron Kaplan [Mon, 23 Dec 2013 18:07:16 +0000 (19:07 +0100)]
reminder of a todo

6 years agoexperiment with font color for sections
Aaron Kaplan [Mon, 23 Dec 2013 18:06:59 +0000 (19:06 +0100)]
experiment with font color for sections

6 years agoformatting, structure
Aaron Kaplan [Mon, 23 Dec 2013 16:13:30 +0000 (17:13 +0100)]
formatting, structure

6 years agore-formatting mailservers chapter
Aaron Kaplan [Mon, 23 Dec 2013 15:58:30 +0000 (16:58 +0100)]
re-formatting mailservers chapter

6 years agoreformatting ssh
Aaron Kaplan [Mon, 23 Dec 2013 15:58:20 +0000 (16:58 +0100)]
reformatting ssh

6 years agouse subsubsection instead of description for ssh.tex
Aaron Kaplan [Mon, 23 Dec 2013 15:45:47 +0000 (16:45 +0100)]
use subsubsection instead of description for ssh.tex

6 years agofix url
Aaron Kaplan [Mon, 23 Dec 2013 15:30:44 +0000 (16:30 +0100)]
fix url
formattting

6 years agoadd todo
Aaron Kaplan [Mon, 23 Dec 2013 15:28:05 +0000 (16:28 +0100)]
add todo

6 years agoadd a section on who should read this paper and on related publications
Aaron Kaplan [Mon, 23 Dec 2013 15:10:24 +0000 (16:10 +0100)]
add a section on who should read this paper and on related publications

6 years agoAdd ENISA's report
Aaron Kaplan [Mon, 23 Dec 2013 15:09:29 +0000 (16:09 +0100)]
Add ENISA's report

6 years agoformatting of quotes
Aaron Kaplan [Mon, 23 Dec 2013 14:53:02 +0000 (15:53 +0100)]
formatting of quotes

6 years agoformatting of quotes
Aaron Kaplan [Mon, 23 Dec 2013 14:52:39 +0000 (15:52 +0100)]
formatting of quotes

6 years agoinclude very first version of theory.tex
Aaron Kaplan [Mon, 23 Dec 2013 14:52:16 +0000 (15:52 +0100)]
include very first version of theory.tex

6 years agoinitial version of theory.tex
Aaron Kaplan [Mon, 23 Dec 2013 14:51:55 +0000 (15:51 +0100)]
initial version of theory.tex

6 years agoadd one sentence: request feedback from readers
Aaron Kaplan [Mon, 23 Dec 2013 13:49:35 +0000 (14:49 +0100)]
add one sentence: request feedback from readers

6 years agotypos
Aaron Kaplan [Mon, 23 Dec 2013 13:49:23 +0000 (14:49 +0100)]
typos

6 years agoadd guardian article
Aaron Kaplan [Mon, 23 Dec 2013 13:36:57 +0000 (14:36 +0100)]
add guardian article

6 years agoadd potential epigraph
Aaron Kaplan [Mon, 23 Dec 2013 13:36:27 +0000 (14:36 +0100)]
add potential epigraph
re-phrased things a bit

6 years agoshould -> might want to
Aaron Kaplan [Mon, 23 Dec 2013 13:36:15 +0000 (14:36 +0100)]
should -> might want to

6 years agosimply simply, remove one
Aaron Kaplan [Mon, 23 Dec 2013 13:20:47 +0000 (14:20 +0100)]
simply simply, remove one

6 years agobranch
Aaron Kaplan [Mon, 23 Dec 2013 13:05:41 +0000 (14:05 +0100)]
branch

6 years agore-phrasing how to read
Aaron Kaplan [Mon, 23 Dec 2013 13:05:09 +0000 (14:05 +0100)]
re-phrasing how to read

6 years agoepigraph
Aaron Kaplan [Mon, 23 Dec 2013 12:49:30 +0000 (13:49 +0100)]
epigraph

6 years agoMerge branch 'master' of https://git.bettercrypto.org/ach-master
Aaron Kaplan [Sun, 22 Dec 2013 23:07:23 +0000 (00:07 +0100)]
Merge branch 'master' of https://git.bettercrypto.org/ach-master

6 years agoepigraph
Aaron Kaplan [Sun, 22 Dec 2013 23:07:15 +0000 (00:07 +0100)]
epigraph

6 years agosmall improvements to fontSetup.md
Eva Seidl [Sun, 22 Dec 2013 15:03:03 +0000 (16:03 +0100)]
small improvements to fontSetup.md

6 years agoImproved markdown formatting
Pepi Zawodsky [Sun, 22 Dec 2013 14:32:15 +0000 (15:32 +0100)]
Improved markdown formatting

6 years agoadded font setup info
Eva Seidl [Sun, 22 Dec 2013 13:40:23 +0000 (14:40 +0100)]
added font setup info

6 years agoMerge branch 'master' of https://git.bettercrypto.org/ach-master
Eva Seidl [Sun, 22 Dec 2013 12:51:11 +0000 (13:51 +0100)]
Merge branch 'master' of https://git.bettercrypto.org/ach-master

6 years agoAdded Font Open Sans. Added custom colours.
Eva Seidl [Sun, 22 Dec 2013 12:50:06 +0000 (13:50 +0100)]
Added Font Open Sans. Added custom colours.

6 years agoremoved mentioning SRP in key exchange section
Adi Kriegisch [Thu, 19 Dec 2013 23:12:33 +0000 (00:12 +0100)]
removed mentioning SRP in key exchange section

6 years agowhat? DJB doesnt mention NSA directly. thats a critique on NIST, the authors are...
Aaron Zauner [Thu, 19 Dec 2013 22:25:28 +0000 (23:25 +0100)]
what? DJB doesnt mention NSA directly. thats a critique on NIST, the authors are not even clear in all of the cases - which yea, can mean a lot, but doesnt have to be NSA

6 years agoremoved typo
Aaron Zauner [Thu, 19 Dec 2013 22:17:31 +0000 (23:17 +0100)]
removed typo

6 years agoPostgreSQL. way better now :)
Aaron Zauner [Thu, 19 Dec 2013 22:16:16 +0000 (23:16 +0100)]
PostgreSQL. way better now :)

6 years agorephrase, get rid of typos
Aaron Zauner [Wed, 18 Dec 2013 08:50:14 +0000 (09:50 +0100)]
rephrase, get rid of typos

6 years agoPutting something on SILC
David Durvaux [Wed, 18 Dec 2013 06:12:06 +0000 (07:12 +0100)]
Putting something on SILC

6 years agooops. Wrong level. Not it's ok.
Aaron Kaplan [Wed, 18 Dec 2013 01:01:40 +0000 (02:01 +0100)]
oops. Wrong level. Not it's ok.

6 years agomove hardening a PKI up one level to \section.
Aaron Kaplan [Wed, 18 Dec 2013 00:59:42 +0000 (01:59 +0100)]
move hardening a PKI up one level to \section.

6 years agoStreamlined the PKI section a bit and made some things clearer.
Tobias Dussa [Tue, 17 Dec 2013 23:27:57 +0000 (00:27 +0100)]
Streamlined the PKI section a bit and made some things clearer.

6 years agoof course, we also have to \input the _generated.tex files
Aaron Kaplan [Tue, 17 Dec 2013 23:11:24 +0000 (00:11 +0100)]
of course, we also have to \input the _generated.tex files

6 years agoAdded gitinfo stuff (non-standard packages).
Tobias Dussa [Tue, 17 Dec 2013 21:43:00 +0000 (22:43 +0100)]
Added gitinfo stuff (non-standard packages).

6 years agoTook out unused (and non-standard) LaTeX package.
Tobias Dussa [Tue, 17 Dec 2013 21:27:55 +0000 (22:27 +0100)]
Took out unused (and non-standard) LaTeX package.

6 years agoFixed include problem in howtoread.
Tobias Dussa [Tue, 17 Dec 2013 21:26:44 +0000 (22:26 +0100)]
Fixed include problem in howtoread.

6 years agoSHA digest refers to the use of the hash function as message digest, SHA-1 is used...
Aaron Zauner [Tue, 17 Dec 2013 19:13:54 +0000 (20:13 +0100)]
SHA digest refers to the use of the hash function as message digest, SHA-1 is used as PRF as well in cipher suites :

6 years agorephrasing and confusion.
Aaron Zauner [Tue, 17 Dec 2013 19:11:17 +0000 (20:11 +0100)]
rephrasing and confusion.

6 years agohence, we can get rid of this TODO here as well, i guess
Aaron Zauner [Tue, 17 Dec 2013 19:04:45 +0000 (20:04 +0100)]
hence, we can get rid of this TODO here as well, i guess

6 years agomv "strong enough" -> "strong", remove comment on GCM since GCM is a option. CTR...
Aaron Zauner [Tue, 17 Dec 2013 19:04:04 +0000 (20:04 +0100)]
mv "strong enough" -> "strong", remove comment on GCM since GCM is a option. CTR mode would actually be faster

6 years agoMerge branch 'master' of https://git.bettercrypto.org/ach-master
Aaron Kaplan [Tue, 17 Dec 2013 17:28:14 +0000 (18:28 +0100)]
Merge branch 'master' of https://git.bettercrypto.org/ach-master

6 years agoadded section on SHA by Florian Mendel. Thank you
Aaron Kaplan [Tue, 17 Dec 2013 17:27:47 +0000 (18:27 +0100)]
added section on SHA by Florian Mendel. Thank you

6 years agoreference for IPSEC PSK lenght
cm [Tue, 17 Dec 2013 15:57:06 +0000 (16:57 +0100)]
reference for IPSEC PSK lenght

6 years agounified text on testing ssh KEX setup
Aaron Zauner [Tue, 17 Dec 2013 15:48:24 +0000 (16:48 +0100)]
unified text on testing ssh KEX setup

6 years agoadded Cisco ASA and IOS SSH section written by kasten iwen. thanks!
Aaron Zauner [Tue, 17 Dec 2013 15:42:50 +0000 (16:42 +0100)]
added Cisco ASA and IOS SSH section written by kasten iwen. thanks!

6 years agotypo die die die
Aaron Kaplan [Tue, 17 Dec 2013 15:01:51 +0000 (16:01 +0100)]
typo die die die

6 years agoremove explicit mention of ssllabs since ssltest and sslyze can also be used as well...
Aaron Zauner [Tue, 17 Dec 2013 13:56:27 +0000 (14:56 +0100)]
remove explicit mention of ssllabs since ssltest and sslyze can also be used as well as other tools

6 years agoadd CIPHERSTRINGB to imapd.conf
Aaron Zauner [Tue, 17 Dec 2013 13:51:13 +0000 (14:51 +0100)]
add CIPHERSTRINGB to imapd.conf

6 years agoPKI: CA.pl is debian/ubuntu. specific, no such thing on RHEL or SLES or EL
Aaron Zauner [Tue, 17 Dec 2013 13:46:59 +0000 (14:46 +0100)]
PKI: CA.pl is debian/ubuntu. specific, no such thing on RHEL or SLES or EL

6 years agoensure \newpage for reviewers and further research section, add label
Aaron Zauner [Tue, 17 Dec 2013 13:38:29 +0000 (14:38 +0100)]
ensure \newpage for reviewers and further research section, add label

6 years agoclarify incorrect issuing by CAs
Aaron Zauner [Tue, 17 Dec 2013 13:23:18 +0000 (14:23 +0100)]
clarify incorrect issuing by CAs

6 years agoextended and corrected part on PKI/PKI hardening, added further research and references
Aaron Zauner [Tue, 17 Dec 2013 13:20:32 +0000 (14:20 +0100)]
extended and corrected part on PKI/PKI hardening, added further research and references

6 years agoforgot "::
Aaron Zauner [Tue, 17 Dec 2013 12:50:18 +0000 (13:50 +0100)]
forgot "::