ach-master.git
6 years agoMerge branch 'master' of https://git.bettercrypto.org/ach-master
Aaron Zauner [Mon, 2 Dec 2013 20:06:53 +0000 (21:06 +0100)]
Merge branch 'master' of https://git.bettercrypto.org/ach-master

6 years agoadded subsection text and justification for Cisco ASA
Aaron Zauner [Mon, 2 Dec 2013 20:06:47 +0000 (21:06 +0100)]
added subsection text and justification for Cisco ASA

6 years agoMerge branch 'master' of https://git.bettercrypto.org/ach-master
Aaron Kaplan [Mon, 2 Dec 2013 20:04:19 +0000 (21:04 +0100)]
Merge branch 'master' of https://git.bettercrypto.org/ach-master

6 years agoalso put the presentation into git
Aaron Kaplan [Mon, 2 Dec 2013 20:00:06 +0000 (21:00 +0100)]
also put the presentation into git

6 years agomake sure that every "make pdf" re-generates the git info in the
Aaron Kaplan [Mon, 2 Dec 2013 19:58:41 +0000 (20:58 +0100)]
make sure that every "make pdf" re-generates the git info in the
pages' footer

6 years agoImproved Markdown Formatting of FAQ
Pepi Zawodsky [Mon, 2 Dec 2013 19:57:07 +0000 (20:57 +0100)]
Improved Markdown Formatting of FAQ

6 years agoImproved Markdown Formatting of README
Pepi Zawodsky [Mon, 2 Dec 2013 19:54:08 +0000 (20:54 +0100)]
Improved Markdown Formatting of README

6 years agoremark on the strength of 3DES
Aaron Kaplan [Mon, 2 Dec 2013 19:38:49 +0000 (20:38 +0100)]
remark on the strength of 3DES

6 years agowhite paper -> "guide"
Aaron Kaplan [Mon, 2 Dec 2013 19:38:19 +0000 (20:38 +0100)]
white paper -> "guide"

6 years agoadd a section on how to read this guide
Aaron Kaplan [Mon, 2 Dec 2013 19:38:00 +0000 (20:38 +0100)]
add a section on how to read this guide

6 years agoadd Berg San . Thanks for the DB section
Aaron Kaplan [Mon, 2 Dec 2013 17:52:51 +0000 (18:52 +0100)]
add Berg San . Thanks for the DB section

6 years agofix one todo from disclaimer.tex
Aaron Kaplan [Mon, 2 Dec 2013 11:08:39 +0000 (12:08 +0100)]
fix one todo from disclaimer.tex

6 years agorewrite openvpn section according to TODOs
cm [Sat, 30 Nov 2013 23:42:36 +0000 (00:42 +0100)]
rewrite openvpn section according to TODOs

6 years agoRemoved add_header X-Frame-Options DENY by suggestion of Christian Mock since it...
Pepi Zawodsky [Fri, 29 Nov 2013 18:52:19 +0000 (19:52 +0100)]
Removed add_header X-Frame-Options DENY by suggestion of Christian Mock since it is security- but not crypto related.

6 years agoFix typo (thanks to Adi)
Ralf Schlatterbeck [Fri, 29 Nov 2013 10:37:07 +0000 (11:37 +0100)]
Fix typo (thanks to Adi)

6 years agoCorrected misspelled namex
Pepi Zawodsky [Thu, 28 Nov 2013 14:36:36 +0000 (15:36 +0100)]
Corrected misspelled namex

6 years agominor formatting of a footnote: { } was missing
Aaron Kaplan [Thu, 28 Nov 2013 14:26:10 +0000 (15:26 +0100)]
minor formatting of a footnote: { } was missing

6 years agoadded section RNGs which was written by Ralf Schlatterbeck.
Aaron Kaplan [Thu, 28 Nov 2013 14:23:46 +0000 (15:23 +0100)]
added section RNGs which was written by Ralf Schlatterbeck.
Pls. review

6 years agoAdded nginx settings for DH parameters recommending at least the same bit length...
Pepi Zawodsky [Thu, 28 Nov 2013 13:13:15 +0000 (14:13 +0100)]
Added nginx settings for DH parameters recommending at least the same bit length as the RSA key used. Like Apache 2.4 implicily handles this.

6 years agonginx does't allow ssl_protocols to be excluded, only to be included. Our given examp...
Pepi Zawodsky [Thu, 28 Nov 2013 13:01:15 +0000 (14:01 +0100)]
nginx does't allow ssl_protocols to be excluded, only to be included. Our given example would be better but does not actually work in nginx (1.4.4, current stable as of 2013-11-28 14:00 CET). Corrected example to a working syntax.

6 years agoChanges nginx ECC curve selection example to the least-bad but actually widely suppor...
Pepi Zawodsky [Thu, 28 Nov 2013 12:58:15 +0000 (13:58 +0100)]
Changes nginx ECC curve selection example to the least-bad but actually widely supported curve which is secp384r1. The former sectk571k1 (Koblitz curve) would be a lot better, but is supported almost nowhere.

6 years agoinital introduction to the ssl libs section
Adi Kriegisch [Wed, 27 Nov 2013 15:02:57 +0000 (16:02 +0100)]
inital introduction to the ssl libs section

6 years agoapplied Berg San's patch from the mailing list as of 2013/11/26 19:23 UTC+2
Aaron Kaplan [Tue, 26 Nov 2013 19:19:12 +0000 (20:19 +0100)]
applied Berg San's patch from the mailing list as of 2013/11/26 19:23 UTC+2
+ Minor formatting improvement

6 years agoSplitting Cipher Suites section in multiple files
David Durvaux [Tue, 26 Nov 2013 17:05:56 +0000 (18:05 +0100)]
Splitting Cipher Suites section in multiple files

6 years agomodified crypto map to reflect cipher settings
Aaron Zauner [Tue, 26 Nov 2013 14:41:14 +0000 (15:41 +0100)]
modified crypto map to reflect cipher settings

6 years agoadded Cisco ASA IPsec + SSL VPN Settings
Aaron Zauner [Tue, 26 Nov 2013 13:57:05 +0000 (14:57 +0100)]
added Cisco ASA IPsec + SSL VPN Settings

6 years agoadded list on DH groups and bit security
Aaron Zauner [Tue, 26 Nov 2013 13:39:48 +0000 (14:39 +0100)]
added list on DH groups and bit security

6 years agoforgot a '"' while including "./practical_settings/proxy_solutions.tex" via \input{}
Aaron Kaplan [Tue, 26 Nov 2013 10:41:03 +0000 (11:41 +0100)]
forgot a '"' while including "./practical_settings/proxy_solutions.tex" via \input{}

6 years agofixes after practical settings refactoring
Wolfgang Breyha [Tue, 26 Nov 2013 10:32:42 +0000 (11:32 +0100)]
fixes after practical settings refactoring

6 years agoAdd missing files
David Durvaux [Tue, 26 Nov 2013 08:16:11 +0000 (09:16 +0100)]
Add missing files

6 years agoRefactor practical_settings to spli subsection in files
David Durvaux [Tue, 26 Nov 2013 06:19:44 +0000 (07:19 +0100)]
Refactor practical_settings to spli subsection in files

6 years agorephrasing
Aaron Kaplan [Tue, 26 Nov 2013 00:25:56 +0000 (01:25 +0100)]
rephrasing

6 years ago\newpage before a new section
Aaron Kaplan [Tue, 26 Nov 2013 00:23:50 +0000 (01:23 +0100)]
\newpage before a new section
erphrase abstract

6 years agoadd \newpage
Aaron Kaplan [Tue, 26 Nov 2013 00:11:54 +0000 (01:11 +0100)]
add \newpage

6 years agorephrase slightly
Aaron Kaplan [Tue, 26 Nov 2013 00:11:36 +0000 (01:11 +0100)]
rephrase slightly

6 years agore-format the new section as \begin{description} element.
Aaron Kaplan [Mon, 25 Nov 2013 23:26:15 +0000 (00:26 +0100)]
re-format the new section as \begin{description} element.
Feel free to change it if it should look differently.
Replaced quoting characters by real LaTeX quotation characters "``" and "''"

6 years agoMerge branch 'master' of https://git.bettercrypto.org/ach-master
Daniel Kovacic [Mon, 25 Nov 2013 22:25:04 +0000 (23:25 +0100)]
Merge branch 'master' of https://git.bettercrypto.org/ach-master

6 years agosection 8 very first proposal without sources and proper tex
Daniel Kovacic [Mon, 25 Nov 2013 22:23:41 +0000 (23:23 +0100)]
section 8 very first proposal without sources and proper tex

6 years agogive the other VPN subsections the structure based on template.tex
Aaron Kaplan [Mon, 25 Nov 2013 21:56:41 +0000 (22:56 +0100)]
give the other VPN subsections the structure based on template.tex

6 years agoadd radius
Aaron Kaplan [Mon, 25 Nov 2013 21:53:14 +0000 (22:53 +0100)]
add radius

6 years agoMerge branch 'master' of https://git.bettercrypto.org/ach-master
Aaron Kaplan [Mon, 25 Nov 2013 21:51:11 +0000 (22:51 +0100)]
Merge branch 'master' of https://git.bettercrypto.org/ach-master

6 years agostructure according to template.tex
Aaron Kaplan [Mon, 25 Nov 2013 21:50:49 +0000 (22:50 +0100)]
structure according to template.tex

6 years agomore clarification on SSH configuration
Aaron Zauner [Mon, 25 Nov 2013 21:48:46 +0000 (22:48 +0100)]
more clarification on SSH configuration

6 years agofix the formatting of template.tex (stupid \mbox{}s )
Aaron Kaplan [Mon, 25 Nov 2013 21:47:30 +0000 (22:47 +0100)]
fix the formatting of template.tex (stupid \mbox{}s )

6 years agomv SSH OpenSSH
Aaron Zauner [Mon, 25 Nov 2013 21:40:47 +0000 (22:40 +0100)]
mv SSH OpenSSH

6 years agonow just called "ipsec"
Aaron Zauner [Mon, 25 Nov 2013 21:37:52 +0000 (22:37 +0100)]
now just called "ipsec"

6 years agoMerge branch 'master' of https://git.bettercrypto.org/ach-master
Aaron Kaplan [Mon, 25 Nov 2013 21:37:01 +0000 (22:37 +0100)]
Merge branch 'master' of https://git.bettercrypto.org/ach-master

6 years agoadd ssl libs section
Aaron Kaplan [Mon, 25 Nov 2013 21:36:50 +0000 (22:36 +0100)]
add ssl libs section

6 years agoMerge branch 'master' of https://git.bettercrypto.org/ach-master
Aaron Zauner [Mon, 25 Nov 2013 21:33:18 +0000 (22:33 +0100)]
Merge branch 'master' of https://git.bettercrypto.org/ach-master

6 years agoreference to ssh-dss discussion/bug report added
Aaron Zauner [Mon, 25 Nov 2013 21:33:13 +0000 (22:33 +0100)]
reference to ssh-dss discussion/bug report added

6 years agoone todo less :)
Aaron Kaplan [Mon, 25 Nov 2013 21:30:24 +0000 (22:30 +0100)]
one todo less :)

6 years agoMerge branch 'master' of https://git.bettercrypto.org/ach-master
Aaron Zauner [Mon, 25 Nov 2013 21:27:38 +0000 (22:27 +0100)]
Merge branch 'master' of https://git.bettercrypto.org/ach-master

6 years agoclarification on DSA exclusion from openssh settings added
Aaron Zauner [Mon, 25 Nov 2013 21:27:33 +0000 (22:27 +0100)]
clarification on DSA exclusion from openssh settings added

6 years agoopenvpn: tls-cipher differences 2.2/2.3
cm [Mon, 25 Nov 2013 21:23:11 +0000 (22:23 +0100)]
openvpn: tls-cipher differences 2.2/2.3

6 years agoMerge branch 'master' of https://git.bettercrypto.org/ach-master
Aaron Kaplan [Mon, 25 Nov 2013 21:20:38 +0000 (22:20 +0100)]
Merge branch 'master' of https://git.bettercrypto.org/ach-master

6 years agore-formated the OpenVPN section to fit template.tex
Aaron Kaplan [Mon, 25 Nov 2013 21:20:09 +0000 (22:20 +0100)]
re-formated the OpenVPN section to fit template.tex

6 years agoMerge branch 'master' of https://git.bettercrypto.org/ach-master
Aaron Zauner [Mon, 25 Nov 2013 21:17:35 +0000 (22:17 +0100)]
Merge branch 'master' of https://git.bettercrypto.org/ach-master

6 years agobetter wording in PPTP section
Aaron Zauner [Mon, 25 Nov 2013 21:17:31 +0000 (22:17 +0100)]
better wording in PPTP section

6 years agoMerge branch 'master' of https://git.bettercrypto.org/ach-master
Aaron Kaplan [Mon, 25 Nov 2013 21:05:39 +0000 (22:05 +0100)]
Merge branch 'master' of https://git.bettercrypto.org/ach-master

6 years agoMerge branch 'master' of https://git.bettercrypto.org/ach-master
Aaron Zauner [Mon, 25 Nov 2013 21:05:30 +0000 (22:05 +0100)]
Merge branch 'master' of https://git.bettercrypto.org/ach-master

6 years agoremove german-only links
Aaron Zauner [Mon, 25 Nov 2013 21:05:26 +0000 (22:05 +0100)]
remove german-only links

6 years agochange the section of mysql and postgresql
Aaron Kaplan [Mon, 25 Nov 2013 21:03:52 +0000 (22:03 +0100)]
change the section of mysql and postgresql
just format it in the same structure as template.tex

6 years agoMerge branch 'master' of https://git.bettercrypto.org/ach-master
Adi Kriegisch [Mon, 25 Nov 2013 21:03:16 +0000 (22:03 +0100)]
Merge branch 'master' of https://git.bettercrypto.org/ach-master

6 years agofixed url
Adi Kriegisch [Mon, 25 Nov 2013 21:02:30 +0000 (22:02 +0100)]
fixed url

6 years agoremove duplicate wording
Aaron Zauner [Mon, 25 Nov 2013 21:02:03 +0000 (22:02 +0100)]
remove duplicate wording

6 years agomore openvpn
cm [Mon, 25 Nov 2013 20:53:23 +0000 (21:53 +0100)]
more openvpn

6 years agoadded text about ILOs
Aaron Kaplan [Mon, 25 Nov 2013 20:50:59 +0000 (21:50 +0100)]
added text about ILOs

6 years agoMerge branch 'master' of https://git.bettercrypto.org/ach-master
Aaron Kaplan [Mon, 25 Nov 2013 20:36:37 +0000 (21:36 +0100)]
Merge branch 'master' of https://git.bettercrypto.org/ach-master

6 years agoadded AES-GCM and UMAC (encrypt-then-mac only!)
Aaron Zauner [Mon, 25 Nov 2013 20:01:43 +0000 (21:01 +0100)]
added AES-GCM and UMAC (encrypt-then-mac only!)

6 years agoopenvpn section
cm [Mon, 25 Nov 2013 19:44:19 +0000 (20:44 +0100)]
openvpn section

6 years agoMerge branch 'master' of https://git.bettercrypto.org/ach-master
cm [Mon, 25 Nov 2013 19:43:59 +0000 (20:43 +0100)]
Merge branch 'master' of https://git.bettercrypto.org/ach-master

6 years agoopenvpn section
cm [Mon, 25 Nov 2013 19:25:43 +0000 (20:25 +0100)]
openvpn section

6 years agoopenvpn section
cm [Mon, 25 Nov 2013 19:25:43 +0000 (20:25 +0100)]
openvpn section

6 years agoMerge branch 'master' of https://git.bettercrypto.org/ach-master
Aaron Kaplan [Mon, 25 Nov 2013 19:18:22 +0000 (20:18 +0100)]
Merge branch 'master' of https://git.bettercrypto.org/ach-master

6 years agoMerge branch 'master' of https://git.bettercrypto.org/ach-master
Daniel Kovacic [Mon, 25 Nov 2013 18:20:42 +0000 (19:20 +0100)]
Merge branch 'master' of https://git.bettercrypto.org/ach-master

6 years agoforward secrecy: its the server key!
cm [Mon, 25 Nov 2013 16:46:36 +0000 (17:46 +0100)]
forward secrecy: its the server key!

6 years agoupdated iis todo list
Daniel Kovacic [Sun, 24 Nov 2013 15:41:00 +0000 (16:41 +0100)]
updated iis todo list

6 years agoMerge branch 'master' of https://git.bettercrypto.org/ach-master
Aaron Kaplan [Sat, 23 Nov 2013 15:44:57 +0000 (16:44 +0100)]
Merge branch 'master' of https://git.bettercrypto.org/ach-master

6 years agocyrus corrections
Wolfgang Breyha [Sat, 23 Nov 2013 15:40:32 +0000 (16:40 +0100)]
cyrus corrections

6 years agoMerge branch 'master' of https://git.bettercrypto.org/ach-master
Aaron Kaplan [Fri, 22 Nov 2013 21:53:53 +0000 (22:53 +0100)]
Merge branch 'master' of https://git.bettercrypto.org/ach-master

6 years agoadded screenshots
cm [Fri, 22 Nov 2013 20:27:55 +0000 (21:27 +0100)]
added screenshots

6 years agowrote PPTP section
cm [Fri, 22 Nov 2013 20:22:37 +0000 (21:22 +0100)]
wrote PPTP section

6 years agowrote checkpoint firewall ipsec section
cm [Fri, 22 Nov 2013 20:06:30 +0000 (21:06 +0100)]
wrote checkpoint firewall ipsec section

6 years agocipher_suites: add section label
cm [Fri, 22 Nov 2013 19:29:58 +0000 (20:29 +0100)]
cipher_suites: add section label
practical_settings: rework IPSEC general section according to TODOs

6 years agoMerge branch 'master' of https://git.bettercrypto.org/ach-master
Aaron Kaplan [Fri, 22 Nov 2013 18:56:22 +0000 (19:56 +0100)]
Merge branch 'master' of https://git.bettercrypto.org/ach-master

6 years agocommon section structure for postfix
cm [Fri, 22 Nov 2013 18:31:02 +0000 (19:31 +0100)]
common section structure for postfix

6 years agoremove quotes around postfix cipherlist
cm [Fri, 22 Nov 2013 17:37:42 +0000 (18:37 +0100)]
remove quotes around postfix cipherlist

6 years agoforward-port Philipp Gühring's changes (except for the cipher suite
Aaron Kaplan [Fri, 22 Nov 2013 17:26:03 +0000 (18:26 +0100)]
forward-port Philipp Gühring's changes (except for the cipher suite
string change which still should be discussed properly)

6 years agorm abstract.markdown. It was an experiment.
Aaron Kaplan [Fri, 22 Nov 2013 17:18:03 +0000 (18:18 +0100)]
rm abstract.markdown. It was an experiment.

6 years agomotivation.markdown was an experiment, not needed
Aaron Kaplan [Fri, 22 Nov 2013 17:17:34 +0000 (18:17 +0100)]
motivation.markdown was an experiment, not needed

6 years agoforward-port Philipp Gühring's changes (except for the cipher suite
Aaron Kaplan [Fri, 22 Nov 2013 17:16:55 +0000 (18:16 +0100)]
forward-port Philipp Gühring's changes (except for the cipher suite
string change which still should be discussed properly)

6 years agoclarify one sentence
Aaron Kaplan [Fri, 22 Nov 2013 17:15:08 +0000 (18:15 +0100)]
clarify one sentence

6 years agoforward-port Philipp Gühring's changes (except for the cipher suite
Aaron Kaplan [Fri, 22 Nov 2013 17:09:49 +0000 (18:09 +0100)]
forward-port Philipp Gühring's changes (except for the cipher suite
string change which still should be discussed properly)

6 years agofinal version which was presented @deepsec 2013
Aaron Kaplan [Fri, 22 Nov 2013 16:04:48 +0000 (17:04 +0100)]
final version which was presented @deepsec 2013

6 years agofinal polishing for the slides
Aaron Kaplan [Fri, 22 Nov 2013 13:32:02 +0000 (14:32 +0100)]
final polishing for the slides

6 years agominor rephrasing of the slides
Aaron Kaplan [Fri, 22 Nov 2013 11:35:24 +0000 (12:35 +0100)]
minor rephrasing of the slides

6 years agoadded some tools to the deepsec slides
Aaron Kaplan [Fri, 22 Nov 2013 11:23:06 +0000 (12:23 +0100)]
added some tools to the deepsec slides

6 years agomore slides polishing
Aaron Kaplan [Fri, 22 Nov 2013 11:13:36 +0000 (12:13 +0100)]
more slides polishing

6 years agomove the very first analysis of cipher suites (.xls file) to unsorted/
Aaron Kaplan [Fri, 22 Nov 2013 11:06:47 +0000 (12:06 +0100)]
move the very first analysis of cipher suites (.xls file) to unsorted/

6 years agoMerge branch 'master' of https://git.bettercrypto.org/ach-master
Aaron Kaplan [Fri, 22 Nov 2013 11:05:59 +0000 (12:05 +0100)]
Merge branch 'master' of https://git.bettercrypto.org/ach-master