ach-master.git
7 years agoadd potential epigraph
Aaron Kaplan [Mon, 23 Dec 2013 13:36:27 +0000 (14:36 +0100)]
add potential epigraph
re-phrased things a bit

7 years agoshould -> might want to
Aaron Kaplan [Mon, 23 Dec 2013 13:36:15 +0000 (14:36 +0100)]
should -> might want to

7 years agosimply simply, remove one
Aaron Kaplan [Mon, 23 Dec 2013 13:20:47 +0000 (14:20 +0100)]
simply simply, remove one

7 years agobranch
Aaron Kaplan [Mon, 23 Dec 2013 13:05:41 +0000 (14:05 +0100)]
branch

7 years agore-phrasing how to read
Aaron Kaplan [Mon, 23 Dec 2013 13:05:09 +0000 (14:05 +0100)]
re-phrasing how to read

7 years agoepigraph
Aaron Kaplan [Mon, 23 Dec 2013 12:49:30 +0000 (13:49 +0100)]
epigraph

7 years agoMerge branch 'master' of https://git.bettercrypto.org/ach-master
Aaron Kaplan [Sun, 22 Dec 2013 23:07:23 +0000 (00:07 +0100)]
Merge branch 'master' of https://git.bettercrypto.org/ach-master

7 years agoepigraph
Aaron Kaplan [Sun, 22 Dec 2013 23:07:15 +0000 (00:07 +0100)]
epigraph

7 years agosmall improvements to fontSetup.md
Eva Seidl [Sun, 22 Dec 2013 15:03:03 +0000 (16:03 +0100)]
small improvements to fontSetup.md

7 years agoImproved markdown formatting
Pepi Zawodsky [Sun, 22 Dec 2013 14:32:15 +0000 (15:32 +0100)]
Improved markdown formatting

7 years agoadded font setup info
Eva Seidl [Sun, 22 Dec 2013 13:40:23 +0000 (14:40 +0100)]
added font setup info

7 years agoMerge branch 'master' of https://git.bettercrypto.org/ach-master
Eva Seidl [Sun, 22 Dec 2013 12:51:11 +0000 (13:51 +0100)]
Merge branch 'master' of https://git.bettercrypto.org/ach-master

7 years agoAdded Font Open Sans. Added custom colours.
Eva Seidl [Sun, 22 Dec 2013 12:50:06 +0000 (13:50 +0100)]
Added Font Open Sans. Added custom colours.

7 years agoremoved mentioning SRP in key exchange section
Adi Kriegisch [Thu, 19 Dec 2013 23:12:33 +0000 (00:12 +0100)]
removed mentioning SRP in key exchange section

7 years agowhat? DJB doesnt mention NSA directly. thats a critique on NIST, the authors are...
Aaron Zauner [Thu, 19 Dec 2013 22:25:28 +0000 (23:25 +0100)]
what? DJB doesnt mention NSA directly. thats a critique on NIST, the authors are not even clear in all of the cases - which yea, can mean a lot, but doesnt have to be NSA

7 years agoremoved typo
Aaron Zauner [Thu, 19 Dec 2013 22:17:31 +0000 (23:17 +0100)]
removed typo

7 years agoPostgreSQL. way better now :)
Aaron Zauner [Thu, 19 Dec 2013 22:16:16 +0000 (23:16 +0100)]
PostgreSQL. way better now :)

7 years agorephrase, get rid of typos
Aaron Zauner [Wed, 18 Dec 2013 08:50:14 +0000 (09:50 +0100)]
rephrase, get rid of typos

7 years agoPutting something on SILC
David Durvaux [Wed, 18 Dec 2013 06:12:06 +0000 (07:12 +0100)]
Putting something on SILC

7 years agooops. Wrong level. Not it's ok.
Aaron Kaplan [Wed, 18 Dec 2013 01:01:40 +0000 (02:01 +0100)]
oops. Wrong level. Not it's ok.

7 years agomove hardening a PKI up one level to \section.
Aaron Kaplan [Wed, 18 Dec 2013 00:59:42 +0000 (01:59 +0100)]
move hardening a PKI up one level to \section.

7 years agoStreamlined the PKI section a bit and made some things clearer.
Tobias Dussa [Tue, 17 Dec 2013 23:27:57 +0000 (00:27 +0100)]
Streamlined the PKI section a bit and made some things clearer.

7 years agoof course, we also have to \input the _generated.tex files
Aaron Kaplan [Tue, 17 Dec 2013 23:11:24 +0000 (00:11 +0100)]
of course, we also have to \input the _generated.tex files

7 years agoAdded gitinfo stuff (non-standard packages).
Tobias Dussa [Tue, 17 Dec 2013 21:43:00 +0000 (22:43 +0100)]
Added gitinfo stuff (non-standard packages).

7 years agoTook out unused (and non-standard) LaTeX package.
Tobias Dussa [Tue, 17 Dec 2013 21:27:55 +0000 (22:27 +0100)]
Took out unused (and non-standard) LaTeX package.

7 years agoFixed include problem in howtoread.
Tobias Dussa [Tue, 17 Dec 2013 21:26:44 +0000 (22:26 +0100)]
Fixed include problem in howtoread.

7 years agoSHA digest refers to the use of the hash function as message digest, SHA-1 is used...
Aaron Zauner [Tue, 17 Dec 2013 19:13:54 +0000 (20:13 +0100)]
SHA digest refers to the use of the hash function as message digest, SHA-1 is used as PRF as well in cipher suites :

7 years agorephrasing and confusion.
Aaron Zauner [Tue, 17 Dec 2013 19:11:17 +0000 (20:11 +0100)]
rephrasing and confusion.

7 years agohence, we can get rid of this TODO here as well, i guess
Aaron Zauner [Tue, 17 Dec 2013 19:04:45 +0000 (20:04 +0100)]
hence, we can get rid of this TODO here as well, i guess

7 years agomv "strong enough" -> "strong", remove comment on GCM since GCM is a option. CTR...
Aaron Zauner [Tue, 17 Dec 2013 19:04:04 +0000 (20:04 +0100)]
mv "strong enough" -> "strong", remove comment on GCM since GCM is a option. CTR mode would actually be faster

7 years agoMerge branch 'master' of https://git.bettercrypto.org/ach-master
Aaron Kaplan [Tue, 17 Dec 2013 17:28:14 +0000 (18:28 +0100)]
Merge branch 'master' of https://git.bettercrypto.org/ach-master

7 years agoadded section on SHA by Florian Mendel. Thank you
Aaron Kaplan [Tue, 17 Dec 2013 17:27:47 +0000 (18:27 +0100)]
added section on SHA by Florian Mendel. Thank you

7 years agoreference for IPSEC PSK lenght
cm [Tue, 17 Dec 2013 15:57:06 +0000 (16:57 +0100)]
reference for IPSEC PSK lenght

7 years agounified text on testing ssh KEX setup
Aaron Zauner [Tue, 17 Dec 2013 15:48:24 +0000 (16:48 +0100)]
unified text on testing ssh KEX setup

7 years agoadded Cisco ASA and IOS SSH section written by kasten iwen. thanks!
Aaron Zauner [Tue, 17 Dec 2013 15:42:50 +0000 (16:42 +0100)]
added Cisco ASA and IOS SSH section written by kasten iwen. thanks!

7 years agotypo die die die
Aaron Kaplan [Tue, 17 Dec 2013 15:01:51 +0000 (16:01 +0100)]
typo die die die

7 years agoremove explicit mention of ssllabs since ssltest and sslyze can also be used as well...
Aaron Zauner [Tue, 17 Dec 2013 13:56:27 +0000 (14:56 +0100)]
remove explicit mention of ssllabs since ssltest and sslyze can also be used as well as other tools

7 years agoadd CIPHERSTRINGB to imapd.conf
Aaron Zauner [Tue, 17 Dec 2013 13:51:13 +0000 (14:51 +0100)]
add CIPHERSTRINGB to imapd.conf

7 years agoPKI: CA.pl is debian/ubuntu. specific, no such thing on RHEL or SLES or EL
Aaron Zauner [Tue, 17 Dec 2013 13:46:59 +0000 (14:46 +0100)]
PKI: CA.pl is debian/ubuntu. specific, no such thing on RHEL or SLES or EL

7 years agoensure \newpage for reviewers and further research section, add label
Aaron Zauner [Tue, 17 Dec 2013 13:38:29 +0000 (14:38 +0100)]
ensure \newpage for reviewers and further research section, add label

7 years agoclarify incorrect issuing by CAs
Aaron Zauner [Tue, 17 Dec 2013 13:23:18 +0000 (14:23 +0100)]
clarify incorrect issuing by CAs

7 years agoextended and corrected part on PKI/PKI hardening, added further research and references
Aaron Zauner [Tue, 17 Dec 2013 13:20:32 +0000 (14:20 +0100)]
extended and corrected part on PKI/PKI hardening, added further research and references

7 years agoforgot "::
Aaron Zauner [Tue, 17 Dec 2013 12:50:18 +0000 (13:50 +0100)]
forgot "::

7 years agomodify pound config to exclude SSLv3 but include our cipherstringb
Aaron Zauner [Tue, 17 Dec 2013 12:49:16 +0000 (13:49 +0100)]
modify pound config to exclude SSLv3 but include our cipherstringb

7 years agos/choices/options + \n
Aaron Zauner [Tue, 17 Dec 2013 12:46:15 +0000 (13:46 +0100)]
s/choices/options + \n

7 years agoreworked proxy section, rephrased and added content
Aaron Zauner [Tue, 17 Dec 2013 12:44:57 +0000 (13:44 +0100)]
reworked proxy section, rephrased and added content

7 years agoget rid of group 24 in ASA config
Aaron Zauner [Tue, 17 Dec 2013 12:34:09 +0000 (13:34 +0100)]
get rid of group 24 in ASA config

7 years ago+for
Aaron Zauner [Tue, 17 Dec 2013 12:26:25 +0000 (13:26 +0100)]
+for

7 years agomv AES-GCM AEAD
Aaron Zauner [Tue, 17 Dec 2013 12:25:52 +0000 (13:25 +0100)]
mv AES-GCM AEAD

7 years agogroup 24 is also a NIST curve :(
Aaron Zauner [Tue, 17 Dec 2013 12:24:26 +0000 (13:24 +0100)]
group 24 is also a NIST curve :(

7 years agoget rid of EC groups
Aaron Zauner [Tue, 17 Dec 2013 12:23:32 +0000 (13:23 +0100)]
get rid of EC groups

7 years agoget rid of comment to generate dh groups
Aaron Zauner [Tue, 17 Dec 2013 12:18:47 +0000 (13:18 +0100)]
get rid of comment to generate dh groups

7 years agoget rid of DH group 5 in ASA IKE policies
Aaron Zauner [Tue, 17 Dec 2013 12:17:36 +0000 (13:17 +0100)]
get rid of DH group 5 in ASA IKE policies

7 years agoget rid of GMAC in VPN section
Aaron Zauner [Tue, 17 Dec 2013 12:13:08 +0000 (13:13 +0100)]
get rid of GMAC in VPN section

7 years agoadded cipherstring keyword to webserver section
Aaron Zauner [Tue, 17 Dec 2013 12:08:28 +0000 (13:08 +0100)]
added cipherstring keyword to webserver section

7 years agochange sentence as recommended by karsten iwen
Aaron Zauner [Tue, 17 Dec 2013 10:09:12 +0000 (11:09 +0100)]
change sentence as recommended by karsten iwen

7 years agomove the "Ne boltai" picture to page 2.
Aaron Kaplan [Tue, 17 Dec 2013 09:51:59 +0000 (10:51 +0100)]
move the "Ne boltai" picture to page 2.

7 years agoadd Ulrich Poeschl to author list, thanks for the section on proxies
Aaron Kaplan [Tue, 17 Dec 2013 08:47:10 +0000 (09:47 +0100)]
add Ulrich Poeschl to author list, thanks for the section on proxies

7 years agookay, we have some text on PKis now
Aaron Kaplan [Tue, 17 Dec 2013 03:01:57 +0000 (04:01 +0100)]
okay, we have some text on PKis now

7 years agotypo
Aaron Kaplan [Tue, 17 Dec 2013 02:48:30 +0000 (03:48 +0100)]
typo

7 years agono such thing as complete information assurance
Aaron Kaplan [Tue, 17 Dec 2013 02:47:25 +0000 (03:47 +0100)]
no such thing as complete information assurance

7 years agoslight change of format / size in the how to read section
Aaron Kaplan [Tue, 17 Dec 2013 02:46:26 +0000 (03:46 +0100)]
slight change of format / size in the how to read section

7 years agoepigraph is nice but IMHO does not fit here
Aaron Kaplan [Tue, 17 Dec 2013 02:45:44 +0000 (03:45 +0100)]
epigraph is nice but IMHO does not fit here

7 years agofixed formatting of the flow graph
Aaron Kaplan [Tue, 17 Dec 2013 02:38:50 +0000 (03:38 +0100)]
fixed formatting of the flow graph

7 years agoupdate reality in TODO.txt
Aaron Kaplan [Tue, 17 Dec 2013 02:02:39 +0000 (03:02 +0100)]
update reality in TODO.txt

7 years agoadd items from our TODO.txt list to the further research section.
Aaron Kaplan [Tue, 17 Dec 2013 02:01:32 +0000 (03:01 +0100)]
add items from our TODO.txt list to the further research section.
This way, readers can know what we are still missing and where they could help out with the documentation

7 years agocomment out empty section
Aaron Kaplan [Tue, 17 Dec 2013 01:11:45 +0000 (02:11 +0100)]
comment out empty section

7 years agoproof of my mail signature. No claim without proof or reference!
Aaron Kaplan [Tue, 17 Dec 2013 01:09:41 +0000 (02:09 +0100)]
proof of my mail signature. No claim without proof or reference!

7 years agoadd comment on RSA keys to asa section
Aaron Zauner [Mon, 16 Dec 2013 23:42:18 +0000 (00:42 +0100)]
add comment on RSA keys to asa section

7 years agoMerge branch 'master' of https://git.bettercrypto.org/ach-master
Aaron Zauner [Mon, 16 Dec 2013 23:41:15 +0000 (00:41 +0100)]
Merge branch 'master' of https://git.bettercrypto.org/ach-master

7 years agoadd references and suggestions as recommended by karsten iwen to the Cisco ASA section
Aaron Zauner [Mon, 16 Dec 2013 23:41:11 +0000 (00:41 +0100)]
add references and suggestions as recommended by karsten iwen to the Cisco ASA section

7 years agoMerge branch 'master' of https://git.bettercrypto.org/ach-master
cm [Mon, 16 Dec 2013 23:19:51 +0000 (00:19 +0100)]
Merge branch 'master' of https://git.bettercrypto.org/ach-master

7 years agousepackage{longtable} for cipher suite name table
cm [Mon, 16 Dec 2013 23:19:45 +0000 (00:19 +0100)]
usepackage{longtable} for cipher suite name table

7 years agoMerge branch 'master' of https://git.bettercrypto.org/ach-master
Aaron Zauner [Mon, 16 Dec 2013 23:17:21 +0000 (00:17 +0100)]
Merge branch 'master' of https://git.bettercrypto.org/ach-master

7 years agomore debug output for testing openssh
Aaron Zauner [Mon, 16 Dec 2013 23:17:17 +0000 (00:17 +0100)]
more debug output for testing openssh

7 years agoMerge branch 'master' of https://git.bettercrypto.org/ach-master
Aaron Zauner [Mon, 16 Dec 2013 23:10:54 +0000 (00:10 +0100)]
Merge branch 'master' of https://git.bettercrypto.org/ach-master

7 years agoadd postels law as quote to propaganda page :)
Aaron Zauner [Mon, 16 Dec 2013 23:10:50 +0000 (00:10 +0100)]
add postels law as quote to propaganda page :)

7 years agoMerge branch 'master' of https://git.bettercrypto.org/ach-master
cm [Mon, 16 Dec 2013 23:10:07 +0000 (00:10 +0100)]
Merge branch 'master' of https://git.bettercrypto.org/ach-master

7 years agoMerge branch 'master' of https://git.bettercrypto.org/ach-master
cm [Mon, 16 Dec 2013 23:07:55 +0000 (00:07 +0100)]
Merge branch 'master' of https://git.bettercrypto.org/ach-master

7 years agoadded cipher suite name appendix
cm [Mon, 16 Dec 2013 23:07:22 +0000 (00:07 +0100)]
added cipher suite name appendix

7 years agoremove \newline
Aaron Kaplan [Mon, 16 Dec 2013 23:03:54 +0000 (00:03 +0100)]
remove \newline

7 years agohow to read flow graph
Aaron Kaplan [Mon, 16 Dec 2013 23:03:33 +0000 (00:03 +0100)]
how to read flow graph

7 years agotypos
Aaron Kaplan [Mon, 16 Dec 2013 23:02:41 +0000 (00:02 +0100)]
typos

7 years agoMerge branch 'master' of https://git.bettercrypto.org/ach-master
Aaron Zauner [Mon, 16 Dec 2013 23:00:52 +0000 (00:00 +0100)]
Merge branch 'master' of https://git.bettercrypto.org/ach-master

7 years agoadded openssh version
Aaron Zauner [Mon, 16 Dec 2013 23:00:47 +0000 (00:00 +0100)]
added openssh version

7 years agotypo
Aaron Kaplan [Mon, 16 Dec 2013 23:00:40 +0000 (00:00 +0100)]
typo

7 years agoMerge branch 'master' of https://git.bettercrypto.org/ach-master
Aaron Kaplan [Mon, 16 Dec 2013 22:59:57 +0000 (23:59 +0100)]
Merge branch 'master' of https://git.bettercrypto.org/ach-master

7 years agoremove \newpage
Aaron Kaplan [Mon, 16 Dec 2013 22:56:37 +0000 (23:56 +0100)]
remove \newpage

7 years agoremove \newpages
Aaron Kaplan [Mon, 16 Dec 2013 22:56:18 +0000 (23:56 +0100)]
remove \newpages

7 years agominor formatting. Dont need to escape % in listings
Aaron Kaplan [Mon, 16 Dec 2013 22:55:47 +0000 (23:55 +0100)]
minor formatting. Dont need to escape % in listings

7 years agoadded WP links for malleability and CTS
Aaron Zauner [Mon, 16 Dec 2013 22:53:01 +0000 (23:53 +0100)]
added WP links for malleability and CTS

7 years agoMerge branch 'master' of https://git.bettercrypto.org/ach-master
Adi Kriegisch [Mon, 16 Dec 2013 22:52:34 +0000 (23:52 +0100)]
Merge branch 'master' of https://git.bettercrypto.org/ach-master

7 years agoadded section about authentication
Adi Kriegisch [Mon, 16 Dec 2013 22:52:19 +0000 (23:52 +0100)]
added section about authentication

7 years agoadd flowchart
Aaron Kaplan [Mon, 16 Dec 2013 22:52:05 +0000 (23:52 +0100)]
add flowchart

7 years agoadd flow chart
Aaron Kaplan [Mon, 16 Dec 2013 22:51:52 +0000 (23:51 +0100)]
add flow chart

7 years agoadded links on RNGs and TLS attacks
Aaron Zauner [Mon, 16 Dec 2013 22:51:24 +0000 (23:51 +0100)]
added links on RNGs and TLS attacks

7 years agofixed some wording in key exchange
Adi Kriegisch [Mon, 16 Dec 2013 22:35:20 +0000 (23:35 +0100)]
fixed some wording in key exchange

7 years agourl in ref
Thomas Schreck [Mon, 16 Dec 2013 22:04:06 +0000 (23:04 +0100)]
url in ref

7 years agobug in PKI section
Thomas Schreck [Mon, 16 Dec 2013 21:58:42 +0000 (22:58 +0100)]
bug in PKI section

7 years agoMerge branch 'master' of https://git.bettercrypto.org/ach-master
Thomas Schreck [Mon, 16 Dec 2013 21:45:37 +0000 (22:45 +0100)]
Merge branch 'master' of https://git.bettercrypto.org/ach-master