Aaron Kaplan [Sun, 29 Mar 2015 20:18:44 +0000 (22:18 +0200)]
Merge branch 'master' of github.com:BetterCrypto/Applied-Crypto-Hardening
Aaron Kaplan [Sun, 29 Mar 2015 20:18:22 +0000 (22:18 +0200)]
remove some slides at the end
Pepi Zawodsky [Sun, 29 Mar 2015 20:17:00 +0000 (22:17 +0200)]
Recommend OCSP stapling
Aaron Kaplan [Sun, 29 Mar 2015 20:14:00 +0000 (22:14 +0200)]
Merge branch 'master' of github.com:BetterCrypto/Applied-Crypto-Hardening
Aaron Kaplan [Sun, 29 Mar 2015 20:13:48 +0000 (22:13 +0200)]
add sslyze & screenshots
Pepi Zawodsky [Sun, 29 Mar 2015 20:11:46 +0000 (22:11 +0200)]
Added VM recommendation for RNGs and caveat for cipher strings.
Pepi Zawodsky [Sun, 29 Mar 2015 20:02:31 +0000 (22:02 +0200)]
less defensive status statement.
Pepi Zawodsky [Sun, 29 Mar 2015 19:57:00 +0000 (21:57 +0200)]
Changed filename of SSLLas screenshot so LaTeX will not be confused by extension parsing.
Pepi Zawodsky [Sun, 29 Mar 2015 19:47:55 +0000 (21:47 +0200)]
Merge branch 'master' of github:BetterCrypto/Applied-Crypto-Hardening
Pepi Zawodsky [Sun, 29 Mar 2015 19:47:48 +0000 (21:47 +0200)]
Updated Screenshot for SSLLabs. Disable RC4.
Aaron Kaplan [Sun, 29 Mar 2015 19:45:08 +0000 (21:45 +0200)]
Merge branch 'master' of github.com:BetterCrypto/Applied-Crypto-Hardening
Aaron Kaplan [Sun, 29 Mar 2015 19:44:11 +0000 (21:44 +0200)]
add slides with questions for organisations how they can
achieve crypto deployment agility
Pepi Zawodsky [Sun, 29 Mar 2015 19:42:32 +0000 (21:42 +0200)]
Added new screenshot for SSLLabs test for bettercrypto.org
Pepi Zawodsky [Sun, 29 Mar 2015 19:23:07 +0000 (21:23 +0200)]
Changed date format to ISO8601
Aaron Kaplan [Sun, 29 Mar 2015 19:00:45 +0000 (21:00 +0200)]
add license
Aaron Kaplan [Sun, 29 Mar 2015 18:58:38 +0000 (20:58 +0200)]
initial slide deck for trainings
Aaron Zauner [Mon, 16 Mar 2015 16:08:46 +0000 (17:08 +0100)]
add comment on openvpn duplexing
Aaron Zauner [Mon, 16 Mar 2015 15:54:20 +0000 (16:54 +0100)]
Revert "comment-out OpenVPN, see GitHub #91"
This reverts commit
7b6fd17814acdbb2304ca3e84e99b02fe919abe6.
Aaron Zauner [Sat, 7 Mar 2015 16:25:15 +0000 (17:25 +0100)]
Merge pull request #99 from shotty1/master
Added -sha256 for generating keys
shotty1 [Sat, 7 Mar 2015 11:24:47 +0000 (12:24 +0100)]
Added -sha256 for generating keys
Please check if this is OK. It improved the ssllabs results for me, removing the warning about SHA1.
Aaron Zauner [Wed, 18 Feb 2015 18:45:16 +0000 (19:45 +0100)]
comment-out OpenVPN, see GitHub #91
Aaron Zauner [Wed, 18 Feb 2015 18:37:43 +0000 (19:37 +0100)]
Merge pull request #95 from sebix/cherokee-webserver
Adding section for cherokee webserver
Aaron Zauner [Wed, 18 Feb 2015 18:37:19 +0000 (19:37 +0100)]
Merge pull request #94 from sebix/stunnel
Adding stunnel section to proxies
Aaron Zauner [Wed, 18 Feb 2015 18:34:40 +0000 (19:34 +0100)]
Merge pull request #96 from BetterCrypto/revert-80-master
Revert "Adding prosody"
Aaron Zauner [Wed, 18 Feb 2015 18:34:30 +0000 (19:34 +0100)]
Revert "Adding prosody"
Sebastian Wagner [Wed, 18 Feb 2015 11:12:42 +0000 (12:12 +0100)]
Adding section for cherokee webserver
Sebastian Wagner [Fri, 13 Feb 2015 09:42:23 +0000 (10:42 +0100)]
Adding stunnel section to proxies
Aaron Zauner [Fri, 13 Feb 2015 06:49:29 +0000 (07:49 +0100)]
Merge pull request #92 from sebix/master
Add certificate chain files to configs of apache and lighttpd
Aaron Zauner [Fri, 13 Feb 2015 06:49:10 +0000 (07:49 +0100)]
Merge pull request #93 from
2001db8/master
Corrected the link for the SSL Labs Best Practices Guide
Jens Roesen [Fri, 6 Feb 2015 14:32:25 +0000 (15:32 +0100)]
Corrected link for SSL Labs Best Practices Guide
Link was 404. Changed it for a working one pointing to version 1.3 of
the guide.
Aaron Zauner [Sat, 24 Jan 2015 23:06:57 +0000 (00:06 +0100)]
Merge pull request #83 from DigNative/pdfmapfile
Modifying `\pdfmapfile' modifiers to not issue warnings on duplicate font map entries anymore.
Aaron Zauner [Sat, 24 Jan 2015 23:06:47 +0000 (00:06 +0100)]
Merge pull request #85 from DigNative/neboltai-jpg
File `neboltai.png` is actually a JPG file.
Aaron Zauner [Sat, 24 Jan 2015 23:04:59 +0000 (00:04 +0100)]
Merge pull request #84 from DigNative/ignore-configfiles
Adding `/src/configfiles.txt` to ignore list.
Sebastian Wagner [Sat, 24 Jan 2015 13:00:08 +0000 (14:00 +0100)]
Add cert chains for apache and lighttpd
Aaron Zauner [Fri, 12 Dec 2014 20:25:54 +0000 (21:25 +0100)]
Merge pull request #87 from julianladisch/Header-always-add
HSTS Apache: Header always add/set
julianladisch [Fri, 12 Dec 2014 15:46:21 +0000 (16:46 +0100)]
HSTS Apache: Header always add/set
Add "always" as Redirections and "Forbidden" pages should also get HSTS:
https://httpd.apache.org/docs/2.4/mod/mod_headers.html
Replace "add" by "set" to prevent adding a second HSTS field: "If an STS
header field is included, the HSTS Host MUST include only one such
header field." https://tools.ietf.org/html/rfc6797#section-7.1
Aaron Zauner [Fri, 12 Dec 2014 15:02:31 +0000 (16:02 +0100)]
Merge pull request #86 from julianladisch/Header-always-set
HSTS Apache: Header always set
julianladisch [Fri, 12 Dec 2014 14:58:02 +0000 (15:58 +0100)]
HSTS Apache: Header always set
Redirections and "Forbidden" pages should also get HSTS.
Aaron Zauner [Sun, 16 Nov 2014 15:34:57 +0000 (16:34 +0100)]
fixed path for prosody (#81)
Aaron Kaplan [Mon, 10 Nov 2014 19:50:41 +0000 (20:50 +0100)]
path was wrong
Aaron Kaplan [Mon, 10 Nov 2014 19:44:18 +0000 (20:44 +0100)]
removed the supporting older clients as requested by Adi .
Why? Because the POODLE killed it ;-)
Older clients which do not support SNI can't speak TLSv1.0 and above.
We don't support SSLv3 anymore anyway.
Aaron Kaplan [Mon, 10 Nov 2014 19:11:16 +0000 (20:11 +0100)]
Merge github.com:BetterCrypto/Applied-Crypto-Hardening
Aaron Kaplan [Mon, 10 Nov 2014 19:06:45 +0000 (20:06 +0100)]
minor
René Schwarz [Sat, 8 Nov 2014 22:26:21 +0000 (23:26 +0100)]
File `neboltai.png` is actually a JPG file.
A `file src/neboltai.png` reveals that this file is actually a JPG file:
$ file neboltai.png
neboltai.png: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1596x2225, frames 3
Changed extension accordingly.
René Schwarz [Sat, 8 Nov 2014 17:58:46 +0000 (18:58 +0100)]
Adding `/src/configfiles.txt` to ignore list.
The `/src/common/configfiles.tex` file creates the file `/src/configfiles.txt` during compilation, which is an auxiliary file containing all config files used/existing (I am not sure). However, this file should not be committed to the repository, at it is an auxiliary file created during compilation.
René Schwarz [Sat, 8 Nov 2014 17:46:11 +0000 (18:46 +0100)]
Modifying `\pdfmapfile' modifiers to not issue warnings on duplicate font map entries anymore.
When tried to compile the document on a Windows machine using latest MiKTeX and recent versions of all LaTeX packages included in the full installation, one can notice around 150 warnings thrown because the `system.tex' file contains two lines to include the font map files of `SourceCodePro' and `opensans' using the `\pdfmapfile' command. Because the modifier `+' is used, warnings are thrown for each font map which is already included by default for the document.
IMHO it is better to use the `=' modifier, which changes the behavior a little bit: The `+' modifier reads the specified font map and ignores all duplicate font map entries (a warning is issued), while the `=' modifier reads the specified font map and replaces matching font map entries with the new entries (no warning issued). I think this is the desired behavior.
For additional information refer to the PDFTeX documentation (`pdftex-a.pdf', r655 as of November 23, 2010) on pages 24 et seq.
Aaron Zauner [Thu, 6 Nov 2014 19:09:23 +0000 (20:09 +0100)]
remove tlsv1 exclusion
AaronK [Thu, 6 Nov 2014 06:19:01 +0000 (07:19 +0100)]
Merge pull request #82 from stasic/patch-3
added ubuntu 14.10
Arsen Stasic [Wed, 5 Nov 2014 19:49:25 +0000 (20:49 +0100)]
added ubuntu 14.10
Aaron Zauner [Wed, 5 Nov 2014 13:38:12 +0000 (14:38 +0100)]
Merge pull request #80 from MeikoDis/master
Adding prosody
MeikoDis [Wed, 5 Nov 2014 13:31:03 +0000 (13:31 +0000)]
Text adjusted.
MeikoDis [Wed, 5 Nov 2014 09:44:28 +0000 (09:44 +0000)]
Recommended Cipherstring
MeikoDis [Wed, 5 Nov 2014 00:08:38 +0000 (00:08 +0000)]
RC4, SHA1 and MD5
MeikoDis [Wed, 5 Nov 2014 00:03:42 +0000 (00:03 +0000)]
Correction2
MeikoDis [Tue, 4 Nov 2014 23:59:38 +0000 (23:59 +0000)]
Correction
MeikoDis [Tue, 4 Nov 2014 23:54:14 +0000 (23:54 +0000)]
Ciphers, curve and depth added
MeikoDis [Tue, 4 Nov 2014 22:53:43 +0000 (22:53 +0000)]
Merge branch 'master' of github.com:MeikoDis/Applied-Crypto-Hardening
Aaron Zauner [Sun, 2 Nov 2014 00:00:35 +0000 (01:00 +0100)]
Merge https://github.com/BetterCrypto/Applied-Crypto-Hardening
Aaron Zauner [Sun, 2 Nov 2014 00:00:29 +0000 (01:00 +0100)]
Merge pull request #77 from DigNative/master
Document did not compile under Windows, typo fixes
Aaron Zauner [Sat, 1 Nov 2014 23:59:51 +0000 (00:59 +0100)]
Merge https://github.com/DigNative/Applied-Crypto-Hardening
Aaron Zauner [Sat, 1 Nov 2014 23:58:28 +0000 (00:58 +0100)]
Merge pull request #78 from chdorb/patch-1
Update webserver.tex
Aaron Zauner [Sat, 1 Nov 2014 23:57:51 +0000 (00:57 +0100)]
Merge pull request #70 from blakefrantz/master
fixed small typos in IIS section
Aaron Zauner [Sat, 1 Nov 2014 23:56:23 +0000 (00:56 +0100)]
Merge pull request #71 from oparoz/patch-1
Wrong verb for HSTS header
AaronK [Tue, 28 Oct 2014 22:57:00 +0000 (23:57 +0100)]
Merge pull request #79 from stasic/patch-2
added freebsd 10
Thx Arsen!
Arsen Stasic [Tue, 28 Oct 2014 21:23:21 +0000 (22:23 +0100)]
added freebsd 10
added ssh signature for freebsd 10
chdorb [Thu, 23 Oct 2014 12:33:23 +0000 (14:33 +0200)]
Update webserver.tex
Just a little lack of conjugation.
David Durvaux [Wed, 22 Oct 2014 07:37:15 +0000 (09:37 +0200)]
Change email address
Aaron Zauner [Tue, 21 Oct 2014 08:10:35 +0000 (10:10 +0200)]
add all the things
Aaron Zauner [Tue, 21 Oct 2014 07:57:01 +0000 (09:57 +0200)]
add summary paper on curves progress within CFRG
Aaron Zauner [Tue, 21 Oct 2014 07:55:01 +0000 (09:55 +0200)]
add slides on IETF
Aaron Kaplan [Mon, 20 Oct 2014 22:26:48 +0000 (00:26 +0200)]
still minor modifications
Aaron Kaplan [Mon, 20 Oct 2014 22:12:36 +0000 (00:12 +0200)]
replace medical-test.jpg picture :)
minor changes to the text
Aaron Kaplan [Mon, 20 Oct 2014 21:59:56 +0000 (23:59 +0200)]
okay, I think we are ready for the presentation tomorrow
Aaron Kaplan [Mon, 20 Oct 2014 21:52:30 +0000 (23:52 +0200)]
Merge branch 'master' of https://git.bettercrypto.org/ach-master
Aaron Kaplan [Mon, 20 Oct 2014 21:52:15 +0000 (23:52 +0200)]
restructure, last slides
Aaron Zauner [Mon, 20 Oct 2014 21:48:26 +0000 (23:48 +0200)]
finish attacks part
Aaron Kaplan [Mon, 20 Oct 2014 21:12:23 +0000 (23:12 +0200)]
Merge branch 'master' of https://git.bettercrypto.org/ach-master
Aaron Kaplan [Mon, 20 Oct 2014 21:12:06 +0000 (23:12 +0200)]
more images
Aaron Kaplan [Mon, 20 Oct 2014 21:11:35 +0000 (23:11 +0200)]
more slides
Aaron Zauner [Mon, 20 Oct 2014 21:02:50 +0000 (23:02 +0200)]
get rid of company logo
Aaron Zauner [Mon, 20 Oct 2014 20:54:17 +0000 (22:54 +0200)]
add slides for attacks (seperate)
Aaron Kaplan [Mon, 20 Oct 2014 20:39:50 +0000 (22:39 +0200)]
does not work... remove \input
Aaron Kaplan [Mon, 20 Oct 2014 20:38:13 +0000 (22:38 +0200)]
Merge branch 'master' of https://git.bettercrypto.org/ach-master
Aaron Kaplan [Mon, 20 Oct 2014 20:37:56 +0000 (22:37 +0200)]
add more slides
Aaron Zauner [Mon, 20 Oct 2014 20:33:32 +0000 (22:33 +0200)]
include attack.tex in agenda.md
Aaron Kaplan [Mon, 20 Oct 2014 20:30:07 +0000 (22:30 +0200)]
add images
Aaron Kaplan [Mon, 20 Oct 2014 20:29:36 +0000 (22:29 +0200)]
Merge branch 'master' of https://git.bettercrypto.org/ach-master
Conflicts:
presentations/HACK.LU-2014/presentation/agenda.md
Aaron Kaplan [Mon, 20 Oct 2014 20:28:04 +0000 (22:28 +0200)]
merge in David's changes and adapt
Aaron Zauner [Mon, 20 Oct 2014 20:27:11 +0000 (22:27 +0200)]
add attacks.tex (still issues with compiling that though)
Aaron Zauner [Mon, 20 Oct 2014 20:26:53 +0000 (22:26 +0200)]
add attacks.tex (still issues with compiling that though)
David Durvaux [Mon, 20 Oct 2014 20:25:07 +0000 (22:25 +0200)]
Removing XXX
Aaron Kaplan [Mon, 20 Oct 2014 20:24:20 +0000 (22:24 +0200)]
Merge branch 'master' of https://git.bettercrypto.org/ach-master
Aaron Kaplan [Mon, 20 Oct 2014 20:24:11 +0000 (22:24 +0200)]
more slides
David Durvaux [Mon, 20 Oct 2014 19:54:48 +0000 (21:54 +0200)]
Adding history
Aaron Kaplan [Mon, 20 Oct 2014 16:07:58 +0000 (18:07 +0200)]
add comment in README: many small commits are better
René Schwarz [Mon, 20 Oct 2014 06:11:59 +0000 (08:11 +0200)]
Modifications after comment from @krono.
Aaron Kaplan [Sun, 19 Oct 2014 23:50:08 +0000 (01:50 +0200)]
intermediate version, add missing files
Aaron Kaplan [Sun, 19 Oct 2014 23:48:56 +0000 (01:48 +0200)]
intermediate version for hack.lu
René Schwarz [Sun, 19 Oct 2014 21:12:40 +0000 (23:12 +0200)]
Correcting typo in HACK.LU 2014 presentation: It's not `Diffie-Helleman`, it's `Diffie-Hellman`.
René Schwarz [Sun, 19 Oct 2014 21:06:55 +0000 (23:06 +0200)]
Merge remote-tracking branch 'remotes/upstream/master'
git.bettercrypto.org / ach-master.git / log