ach-master.git
5 years agoexclude seclayer-tcp for now. Waiting for input from A-trust
Aaron Kaplan [Mon, 23 Dec 2013 22:10:15 +0000 (23:10 +0100)]
exclude seclayer-tcp for now. Waiting for input from A-trust

5 years agomove l2tp, racoon to further research
Aaron Kaplan [Mon, 23 Dec 2013 22:07:28 +0000 (23:07 +0100)]
move l2tp, racoon to further research

5 years agoremove l2tp, racoon. No content yet
Aaron Kaplan [Mon, 23 Dec 2013 22:06:56 +0000 (23:06 +0100)]
remove l2tp, racoon. No content yet

5 years agoMerge branch 'master' of https://git.bettercrypto.org/ach-master into theory-rewrite
Aaron Kaplan [Mon, 23 Dec 2013 22:04:44 +0000 (23:04 +0100)]
Merge branch 'master' of https://git.bettercrypto.org/ach-master into theory-rewrite

5 years agocorrect the flow diagram
Aaron Kaplan [Mon, 23 Dec 2013 22:04:16 +0000 (23:04 +0100)]
correct the flow diagram

5 years agoadd sebix to reviewers. Thank you very much!!
Aaron Kaplan [Mon, 23 Dec 2013 21:46:53 +0000 (22:46 +0100)]
add sebix to reviewers. Thank you very much!!

5 years agominor layout modifications and clean-up
Eva Seidl [Mon, 23 Dec 2013 21:37:29 +0000 (22:37 +0100)]
minor layout modifications and clean-up

5 years agochange \begin{description} to subsections as in webservers, mailservers and the other...
Aaron Kaplan [Mon, 23 Dec 2013 21:27:44 +0000 (22:27 +0100)]
change \begin{description} to subsections as in webservers, mailservers and the other sections
remove cruft from empty subsections
Consider removing racoon and l2tp for now

5 years agoformatting
Aaron Kaplan [Mon, 23 Dec 2013 21:07:54 +0000 (22:07 +0100)]
formatting

5 years agothe Caution warning is not neccessary anymore, we explained on the theory/overview...
Aaron Kaplan [Mon, 23 Dec 2013 20:50:33 +0000 (21:50 +0100)]
the Caution warning is not neccessary anymore, we explained on the theory/overview.tex section
why and how admins can select their own cipher suite

5 years agoMerge branch 'master' of https://git.bettercrypto.org/ach-master into theory-rewrite
Aaron Kaplan [Mon, 23 Dec 2013 20:39:53 +0000 (21:39 +0100)]
Merge branch 'master' of https://git.bettercrypto.org/ach-master into theory-rewrite

5 years agofixed all reverences now
Aaron Kaplan [Mon, 23 Dec 2013 20:39:11 +0000 (21:39 +0100)]
fixed all reverences now

5 years agoMerge branch 'master' of https://git.bettercrypto.org/ach-master
Aaron Zauner [Mon, 23 Dec 2013 20:38:44 +0000 (21:38 +0100)]
Merge branch 'master' of https://git.bettercrypto.org/ach-master

5 years agoadded how to test stuff for MTAs and moved SMTP in general section to top of mailserv...
Aaron Zauner [Mon, 23 Dec 2013 20:38:36 +0000 (21:38 +0100)]
added how to test stuff for MTAs and moved SMTP in general section to top of mailserver section

5 years agooops, subsection was a duplicate
Aaron Kaplan [Mon, 23 Dec 2013 20:33:15 +0000 (21:33 +0100)]
oops, subsection was a duplicate

5 years agomoved PKIs.tex to theory/
Aaron Kaplan [Mon, 23 Dec 2013 20:31:26 +0000 (21:31 +0100)]
moved PKIs.tex to theory/

5 years agomerging in RNGs.tex
Aaron Kaplan [Mon, 23 Dec 2013 20:29:56 +0000 (21:29 +0100)]
merging in RNGs.tex

5 years agoMerge branch 'master' of https://git.bettercrypto.org/ach-master into theory-rewrite
Aaron Kaplan [Mon, 23 Dec 2013 20:28:29 +0000 (21:28 +0100)]
Merge branch 'master' of https://git.bettercrypto.org/ach-master into theory-rewrite

Conflicts:
src/RNGs.tex

5 years agoMerge branch 'theory-rewrite'
Aaron Zauner [Mon, 23 Dec 2013 20:28:04 +0000 (21:28 +0100)]
Merge branch 'theory-rewrite'

5 years agoactually add the compatibility section. It is important
Aaron Kaplan [Mon, 23 Dec 2013 20:20:00 +0000 (21:20 +0100)]
actually add the compatibility section. It is important

5 years agofix references
Aaron Kaplan [Mon, 23 Dec 2013 20:19:33 +0000 (21:19 +0100)]
fix references

5 years agoAdded 30C3 Lightningtalk Slides PDF
Pepi Zawodsky [Mon, 23 Dec 2013 20:06:47 +0000 (21:06 +0100)]
Added 30C3 Lightningtalk Slides PDF

5 years agoNow ignoring the missing fonts log by TeX
Pepi Zawodsky [Mon, 23 Dec 2013 20:06:03 +0000 (21:06 +0100)]
Now ignoring the missing fonts log by TeX

5 years agomoved images to img/ subdir
Aaron Kaplan [Mon, 23 Dec 2013 20:02:35 +0000 (21:02 +0100)]
moved images to img/ subdir

5 years agoadd label
Aaron Kaplan [Mon, 23 Dec 2013 20:00:52 +0000 (21:00 +0100)]
add label

5 years ago@@@CIPHERSUITEB@@@ macro
Aaron Kaplan [Mon, 23 Dec 2013 19:51:00 +0000 (20:51 +0100)]
@@@CIPHERSUITEB@@@ macro

5 years agowrite the @@@CIPHERSTRINGB@@@ macro here
Aaron Kaplan [Mon, 23 Dec 2013 19:50:44 +0000 (20:50 +0100)]
write the @@@CIPHERSTRINGB@@@ macro here

5 years agofixed one todo, thanks to Florian Mendels' section
Aaron Kaplan [Mon, 23 Dec 2013 19:46:02 +0000 (20:46 +0100)]
fixed one todo, thanks to Florian Mendels' section

5 years agomove things into the theory/ subdir
Aaron Kaplan [Mon, 23 Dec 2013 19:44:08 +0000 (20:44 +0100)]
move things into the theory/ subdir

5 years ago move theory sections into theory subdir
Aaron Kaplan [Mon, 23 Dec 2013 19:31:45 +0000 (20:31 +0100)]
 move theory sections into theory subdir

5 years agomove .tex files into the theory subdirectory
Aaron Kaplan [Mon, 23 Dec 2013 19:31:15 +0000 (20:31 +0100)]
move .tex files into the theory subdirectory

5 years agoremove .out file
Aaron Kaplan [Mon, 23 Dec 2013 19:30:53 +0000 (20:30 +0100)]
remove .out file

5 years agoRNG epigraph
Aaron Zauner [Mon, 23 Dec 2013 18:33:48 +0000 (19:33 +0100)]
RNG epigraph

5 years agotypo
Aaron Kaplan [Mon, 23 Dec 2013 18:24:04 +0000 (19:24 +0100)]
typo

5 years agotypo
Aaron Kaplan [Mon, 23 Dec 2013 18:08:32 +0000 (19:08 +0100)]
typo

5 years agoreminder of a todo
Aaron Kaplan [Mon, 23 Dec 2013 18:07:16 +0000 (19:07 +0100)]
reminder of a todo

5 years agoexperiment with font color for sections
Aaron Kaplan [Mon, 23 Dec 2013 18:06:59 +0000 (19:06 +0100)]
experiment with font color for sections

5 years agoformatting, structure
Aaron Kaplan [Mon, 23 Dec 2013 16:13:30 +0000 (17:13 +0100)]
formatting, structure

5 years agore-formatting mailservers chapter
Aaron Kaplan [Mon, 23 Dec 2013 15:58:30 +0000 (16:58 +0100)]
re-formatting mailservers chapter

5 years agoreformatting ssh
Aaron Kaplan [Mon, 23 Dec 2013 15:58:20 +0000 (16:58 +0100)]
reformatting ssh

5 years agouse subsubsection instead of description for ssh.tex
Aaron Kaplan [Mon, 23 Dec 2013 15:45:47 +0000 (16:45 +0100)]
use subsubsection instead of description for ssh.tex

5 years agofix url
Aaron Kaplan [Mon, 23 Dec 2013 15:30:44 +0000 (16:30 +0100)]
fix url
formattting

5 years agoadd todo
Aaron Kaplan [Mon, 23 Dec 2013 15:28:05 +0000 (16:28 +0100)]
add todo

5 years agoadd a section on who should read this paper and on related publications
Aaron Kaplan [Mon, 23 Dec 2013 15:10:24 +0000 (16:10 +0100)]
add a section on who should read this paper and on related publications

5 years agoAdd ENISA's report
Aaron Kaplan [Mon, 23 Dec 2013 15:09:29 +0000 (16:09 +0100)]
Add ENISA's report

5 years agoformatting of quotes
Aaron Kaplan [Mon, 23 Dec 2013 14:53:02 +0000 (15:53 +0100)]
formatting of quotes

5 years agoformatting of quotes
Aaron Kaplan [Mon, 23 Dec 2013 14:52:39 +0000 (15:52 +0100)]
formatting of quotes

5 years agoinclude very first version of theory.tex
Aaron Kaplan [Mon, 23 Dec 2013 14:52:16 +0000 (15:52 +0100)]
include very first version of theory.tex

5 years agoinitial version of theory.tex
Aaron Kaplan [Mon, 23 Dec 2013 14:51:55 +0000 (15:51 +0100)]
initial version of theory.tex

5 years agoadd one sentence: request feedback from readers
Aaron Kaplan [Mon, 23 Dec 2013 13:49:35 +0000 (14:49 +0100)]
add one sentence: request feedback from readers

5 years agotypos
Aaron Kaplan [Mon, 23 Dec 2013 13:49:23 +0000 (14:49 +0100)]
typos

5 years agoadd guardian article
Aaron Kaplan [Mon, 23 Dec 2013 13:36:57 +0000 (14:36 +0100)]
add guardian article

5 years agoadd potential epigraph
Aaron Kaplan [Mon, 23 Dec 2013 13:36:27 +0000 (14:36 +0100)]
add potential epigraph
re-phrased things a bit

5 years agoshould -> might want to
Aaron Kaplan [Mon, 23 Dec 2013 13:36:15 +0000 (14:36 +0100)]
should -> might want to

5 years agosimply simply, remove one
Aaron Kaplan [Mon, 23 Dec 2013 13:20:47 +0000 (14:20 +0100)]
simply simply, remove one

5 years agobranch
Aaron Kaplan [Mon, 23 Dec 2013 13:05:41 +0000 (14:05 +0100)]
branch

5 years agore-phrasing how to read
Aaron Kaplan [Mon, 23 Dec 2013 13:05:09 +0000 (14:05 +0100)]
re-phrasing how to read

5 years agoepigraph
Aaron Kaplan [Mon, 23 Dec 2013 12:49:30 +0000 (13:49 +0100)]
epigraph

5 years agoMerge branch 'master' of https://git.bettercrypto.org/ach-master
Aaron Kaplan [Sun, 22 Dec 2013 23:07:23 +0000 (00:07 +0100)]
Merge branch 'master' of https://git.bettercrypto.org/ach-master

5 years agoepigraph
Aaron Kaplan [Sun, 22 Dec 2013 23:07:15 +0000 (00:07 +0100)]
epigraph

5 years agosmall improvements to fontSetup.md
Eva Seidl [Sun, 22 Dec 2013 15:03:03 +0000 (16:03 +0100)]
small improvements to fontSetup.md

5 years agoImproved markdown formatting
Pepi Zawodsky [Sun, 22 Dec 2013 14:32:15 +0000 (15:32 +0100)]
Improved markdown formatting

5 years agoadded font setup info
Eva Seidl [Sun, 22 Dec 2013 13:40:23 +0000 (14:40 +0100)]
added font setup info

5 years agoMerge branch 'master' of https://git.bettercrypto.org/ach-master
Eva Seidl [Sun, 22 Dec 2013 12:51:11 +0000 (13:51 +0100)]
Merge branch 'master' of https://git.bettercrypto.org/ach-master

5 years agoAdded Font Open Sans. Added custom colours.
Eva Seidl [Sun, 22 Dec 2013 12:50:06 +0000 (13:50 +0100)]
Added Font Open Sans. Added custom colours.

5 years agoremoved mentioning SRP in key exchange section
Adi Kriegisch [Thu, 19 Dec 2013 23:12:33 +0000 (00:12 +0100)]
removed mentioning SRP in key exchange section

5 years agowhat? DJB doesnt mention NSA directly. thats a critique on NIST, the authors are...
Aaron Zauner [Thu, 19 Dec 2013 22:25:28 +0000 (23:25 +0100)]
what? DJB doesnt mention NSA directly. thats a critique on NIST, the authors are not even clear in all of the cases - which yea, can mean a lot, but doesnt have to be NSA

5 years agoremoved typo
Aaron Zauner [Thu, 19 Dec 2013 22:17:31 +0000 (23:17 +0100)]
removed typo

5 years agoPostgreSQL. way better now :)
Aaron Zauner [Thu, 19 Dec 2013 22:16:16 +0000 (23:16 +0100)]
PostgreSQL. way better now :)

5 years agorephrase, get rid of typos
Aaron Zauner [Wed, 18 Dec 2013 08:50:14 +0000 (09:50 +0100)]
rephrase, get rid of typos

5 years agoPutting something on SILC
David Durvaux [Wed, 18 Dec 2013 06:12:06 +0000 (07:12 +0100)]
Putting something on SILC

5 years agooops. Wrong level. Not it's ok.
Aaron Kaplan [Wed, 18 Dec 2013 01:01:40 +0000 (02:01 +0100)]
oops. Wrong level. Not it's ok.

5 years agomove hardening a PKI up one level to \section.
Aaron Kaplan [Wed, 18 Dec 2013 00:59:42 +0000 (01:59 +0100)]
move hardening a PKI up one level to \section.

5 years agoStreamlined the PKI section a bit and made some things clearer.
Tobias Dussa [Tue, 17 Dec 2013 23:27:57 +0000 (00:27 +0100)]
Streamlined the PKI section a bit and made some things clearer.

5 years agoof course, we also have to \input the _generated.tex files
Aaron Kaplan [Tue, 17 Dec 2013 23:11:24 +0000 (00:11 +0100)]
of course, we also have to \input the _generated.tex files

5 years agoAdded gitinfo stuff (non-standard packages).
Tobias Dussa [Tue, 17 Dec 2013 21:43:00 +0000 (22:43 +0100)]
Added gitinfo stuff (non-standard packages).

5 years agoTook out unused (and non-standard) LaTeX package.
Tobias Dussa [Tue, 17 Dec 2013 21:27:55 +0000 (22:27 +0100)]
Took out unused (and non-standard) LaTeX package.

5 years agoFixed include problem in howtoread.
Tobias Dussa [Tue, 17 Dec 2013 21:26:44 +0000 (22:26 +0100)]
Fixed include problem in howtoread.

5 years agoSHA digest refers to the use of the hash function as message digest, SHA-1 is used...
Aaron Zauner [Tue, 17 Dec 2013 19:13:54 +0000 (20:13 +0100)]
SHA digest refers to the use of the hash function as message digest, SHA-1 is used as PRF as well in cipher suites :

5 years agorephrasing and confusion.
Aaron Zauner [Tue, 17 Dec 2013 19:11:17 +0000 (20:11 +0100)]
rephrasing and confusion.

5 years agohence, we can get rid of this TODO here as well, i guess
Aaron Zauner [Tue, 17 Dec 2013 19:04:45 +0000 (20:04 +0100)]
hence, we can get rid of this TODO here as well, i guess

5 years agomv "strong enough" -> "strong", remove comment on GCM since GCM is a option. CTR...
Aaron Zauner [Tue, 17 Dec 2013 19:04:04 +0000 (20:04 +0100)]
mv "strong enough" -> "strong", remove comment on GCM since GCM is a option. CTR mode would actually be faster

5 years agoMerge branch 'master' of https://git.bettercrypto.org/ach-master
Aaron Kaplan [Tue, 17 Dec 2013 17:28:14 +0000 (18:28 +0100)]
Merge branch 'master' of https://git.bettercrypto.org/ach-master

5 years agoadded section on SHA by Florian Mendel. Thank you
Aaron Kaplan [Tue, 17 Dec 2013 17:27:47 +0000 (18:27 +0100)]
added section on SHA by Florian Mendel. Thank you

5 years agoreference for IPSEC PSK lenght
cm [Tue, 17 Dec 2013 15:57:06 +0000 (16:57 +0100)]
reference for IPSEC PSK lenght

5 years agounified text on testing ssh KEX setup
Aaron Zauner [Tue, 17 Dec 2013 15:48:24 +0000 (16:48 +0100)]
unified text on testing ssh KEX setup

5 years agoadded Cisco ASA and IOS SSH section written by kasten iwen. thanks!
Aaron Zauner [Tue, 17 Dec 2013 15:42:50 +0000 (16:42 +0100)]
added Cisco ASA and IOS SSH section written by kasten iwen. thanks!

5 years agotypo die die die
Aaron Kaplan [Tue, 17 Dec 2013 15:01:51 +0000 (16:01 +0100)]
typo die die die

5 years agoremove explicit mention of ssllabs since ssltest and sslyze can also be used as well...
Aaron Zauner [Tue, 17 Dec 2013 13:56:27 +0000 (14:56 +0100)]
remove explicit mention of ssllabs since ssltest and sslyze can also be used as well as other tools

5 years agoadd CIPHERSTRINGB to imapd.conf
Aaron Zauner [Tue, 17 Dec 2013 13:51:13 +0000 (14:51 +0100)]
add CIPHERSTRINGB to imapd.conf

5 years agoPKI: CA.pl is debian/ubuntu. specific, no such thing on RHEL or SLES or EL
Aaron Zauner [Tue, 17 Dec 2013 13:46:59 +0000 (14:46 +0100)]
PKI: CA.pl is debian/ubuntu. specific, no such thing on RHEL or SLES or EL

5 years agoensure \newpage for reviewers and further research section, add label
Aaron Zauner [Tue, 17 Dec 2013 13:38:29 +0000 (14:38 +0100)]
ensure \newpage for reviewers and further research section, add label

5 years agoclarify incorrect issuing by CAs
Aaron Zauner [Tue, 17 Dec 2013 13:23:18 +0000 (14:23 +0100)]
clarify incorrect issuing by CAs

5 years agoextended and corrected part on PKI/PKI hardening, added further research and references
Aaron Zauner [Tue, 17 Dec 2013 13:20:32 +0000 (14:20 +0100)]
extended and corrected part on PKI/PKI hardening, added further research and references

5 years agoforgot "::
Aaron Zauner [Tue, 17 Dec 2013 12:50:18 +0000 (13:50 +0100)]
forgot "::

5 years agomodify pound config to exclude SSLv3 but include our cipherstringb
Aaron Zauner [Tue, 17 Dec 2013 12:49:16 +0000 (13:49 +0100)]
modify pound config to exclude SSLv3 but include our cipherstringb

5 years agos/choices/options + \n
Aaron Zauner [Tue, 17 Dec 2013 12:46:15 +0000 (13:46 +0100)]
s/choices/options + \n

5 years agoreworked proxy section, rephrased and added content
Aaron Zauner [Tue, 17 Dec 2013 12:44:57 +0000 (13:44 +0100)]
reworked proxy section, rephrased and added content

5 years agoget rid of group 24 in ASA config
Aaron Zauner [Tue, 17 Dec 2013 12:34:09 +0000 (13:34 +0100)]
get rid of group 24 in ASA config

5 years ago+for
Aaron Zauner [Tue, 17 Dec 2013 12:26:25 +0000 (13:26 +0100)]
+for