ach-master.git
6 years agoGPG: changed wording, fixed spelling,..
Aaron Zauner [Fri, 6 Dec 2013 19:52:09 +0000 (20:52 +0100)]
GPG: changed wording, fixed spelling,..

6 years agociphersuites: changed wording
Aaron Zauner [Fri, 6 Dec 2013 19:35:06 +0000 (20:35 +0100)]
ciphersuites: changed wording

6 years agociphersuites: removed typos, changed spelling, added references
Aaron Zauner [Fri, 6 Dec 2013 19:23:13 +0000 (20:23 +0100)]
ciphersuites: removed typos, changed spelling, added references

6 years agoPKIs: added references, changed wording
Aaron Zauner [Fri, 6 Dec 2013 19:09:57 +0000 (20:09 +0100)]
PKIs: added references, changed wording

6 years agomethods: added references, changed wording
Aaron Zauner [Fri, 6 Dec 2013 18:53:01 +0000 (19:53 +0100)]
methods: added references, changed wording

6 years agodisclaimer: changed wording, added references to mentioned sections
Aaron Zauner [Fri, 6 Dec 2013 18:43:28 +0000 (19:43 +0100)]
disclaimer: changed wording, added references to mentioned sections

6 years agochange wording, add references
Aaron Zauner [Fri, 6 Dec 2013 18:37:14 +0000 (19:37 +0100)]
change wording, add references

6 years agoAdded Texted nginx setting
Pepi Zawodsky [Fri, 6 Dec 2013 17:55:45 +0000 (18:55 +0100)]
Added Texted nginx setting

6 years agoMerge branch 'master' of https://git.bettercrypto.org/ach-master
Pepi Zawodsky [Fri, 6 Dec 2013 17:53:38 +0000 (18:53 +0100)]
Merge branch 'master' of https://git.bettercrypto.org/ach-master

6 years agoExperimental epub support
Pepi Zawodsky [Fri, 6 Dec 2013 17:53:28 +0000 (18:53 +0100)]
Experimental epub support

6 years agoFix typos
Ralf Schlatterbeck [Fri, 6 Dec 2013 17:36:55 +0000 (18:36 +0100)]
Fix typos

6 years agoadded ASA references, removed TODOs
Aaron Zauner [Fri, 6 Dec 2013 17:31:33 +0000 (18:31 +0100)]
added ASA references, removed TODOs

6 years agoMerge branch 'master' of https://git.bettercrypto.org/ach-master
Ralf Schlatterbeck [Fri, 6 Dec 2013 17:18:57 +0000 (18:18 +0100)]
Merge branch 'master' of https://git.bettercrypto.org/ach-master

6 years agoStart with BiBTeX (RNG section converted)
Ralf Schlatterbeck [Fri, 6 Dec 2013 17:15:03 +0000 (18:15 +0100)]
Start with BiBTeX (RNG section converted)

Add new bibtex style alphalink.bst (this one can handle an URL parameter
in the bibtex entry and puts the url into a hyperref in the bibtex
label). I've written this style myself (by modifying one of the standard
bibtex styles).

6 years agoAdd a section over ejabberd and OTR
David Durvaux [Fri, 6 Dec 2013 16:50:30 +0000 (17:50 +0100)]
Add a section over ejabberd and OTR

6 years agocommented out the section on ssl libraries, not sure if it is in scope .. also: no...
Aaron Zauner [Thu, 5 Dec 2013 18:44:18 +0000 (19:44 +0100)]
commented out the section on ssl libraries, not sure if it is in scope .. also: no contributions that we can use in the paper

6 years agoMerge branch 'master' of https://git.bettercrypto.org/ach-master
Aaron Zauner [Thu, 5 Dec 2013 13:29:59 +0000 (14:29 +0100)]
Merge branch 'master' of https://git.bettercrypto.org/ach-master

6 years agoadded information for github users to README.md
Aaron Zauner [Thu, 5 Dec 2013 13:29:55 +0000 (14:29 +0100)]
added information for github users to README.md

6 years agoAdd Daniel to reviewers (if not co-authors)
Aaron Kaplan [Wed, 4 Dec 2013 23:14:00 +0000 (00:14 +0100)]
Add Daniel to reviewers (if not co-authors)

6 years agoupdate IPSEC section to new config a/b
cm [Wed, 4 Dec 2013 16:54:49 +0000 (17:54 +0100)]
update IPSEC section to new config a/b

6 years agoadded netcraft link on PFS to PFS section
Aaron Zauner [Wed, 4 Dec 2013 11:11:19 +0000 (12:11 +0100)]
added netcraft link on PFS to PFS section

6 years agoupdated reviewers.tex
Ulrich [Wed, 4 Dec 2013 10:56:32 +0000 (11:56 +0100)]
updated reviewers.tex

6 years agono downgrade attacks on ipsec
cm [Wed, 4 Dec 2013 10:34:58 +0000 (11:34 +0100)]
no downgrade attacks on ipsec

6 years agoadded nginx "test with" debian version
cm [Wed, 4 Dec 2013 10:32:54 +0000 (11:32 +0100)]
added nginx "test with" debian version

6 years agoshorten section title, make clear what is meant by SSL/TLS in the ASA section
Aaron Zauner [Tue, 3 Dec 2013 21:04:47 +0000 (22:04 +0100)]
shorten section title, make clear what is meant by SSL/TLS in the ASA section

6 years agoeasy-rsa can do 4096bit keys, been there done that, we should recommend it for VPNs
Aaron Zauner [Tue, 3 Dec 2013 21:02:57 +0000 (22:02 +0100)]
easy-rsa can do 4096bit keys, been there done that, we should recommend it for VPNs

6 years agoreorder openssh KEX algorithms by relevance of security decending
Aaron Zauner [Tue, 3 Dec 2013 20:32:16 +0000 (21:32 +0100)]
reorder openssh KEX algorithms by relevance of security decending

6 years agocorrect nomenclature on galloi counter mode
Aaron Zauner [Tue, 3 Dec 2013 20:18:52 +0000 (21:18 +0100)]
correct nomenclature on galloi counter mode

6 years agoadded openssh ServerKeyBits (set to 4096)
Aaron Zauner [Tue, 3 Dec 2013 17:40:05 +0000 (18:40 +0100)]
added openssh ServerKeyBits (set to 4096)

6 years agonsa does not get credits!
Aaron Zauner [Tue, 3 Dec 2013 15:47:57 +0000 (16:47 +0100)]
nsa does not get credits!

6 years agoMerge branch 'master' of https://git.bettercrypto.org/ach-master
Aaron Zauner [Tue, 3 Dec 2013 15:40:47 +0000 (16:40 +0100)]
Merge branch 'master' of https://git.bettercrypto.org/ach-master

6 years agoadd acknowledgement section
Aaron Zauner [Tue, 3 Dec 2013 15:40:46 +0000 (16:40 +0100)]
add acknowledgement section

6 years agopush the notes for the next steps
Aaron Kaplan [Mon, 2 Dec 2013 22:51:07 +0000 (23:51 +0100)]
push the notes for the next steps

6 years agotweak cipher string variant B
Aaron Kaplan [Mon, 2 Dec 2013 22:40:14 +0000 (23:40 +0100)]
tweak cipher string variant B

6 years agoitemize
Aaron Kaplan [Mon, 2 Dec 2013 22:40:05 +0000 (23:40 +0100)]
itemize

6 years agocomment out an old section which we simply kept before since it has a nice table...
Aaron Kaplan [Mon, 2 Dec 2013 20:44:09 +0000 (21:44 +0100)]
comment out an old section which we simply kept before since it has a nice table formatting example.

6 years agonarrow down scope a bit
Aaron Kaplan [Mon, 2 Dec 2013 20:33:52 +0000 (21:33 +0100)]
narrow down scope a bit

6 years agoremove the paragraph about NIST
Aaron Kaplan [Mon, 2 Dec 2013 20:30:46 +0000 (21:30 +0100)]
remove the paragraph about NIST

6 years agoMerge branch 'master' of https://git.bettercrypto.org/ach-master
Aaron Zauner [Mon, 2 Dec 2013 20:06:53 +0000 (21:06 +0100)]
Merge branch 'master' of https://git.bettercrypto.org/ach-master

6 years agoadded subsection text and justification for Cisco ASA
Aaron Zauner [Mon, 2 Dec 2013 20:06:47 +0000 (21:06 +0100)]
added subsection text and justification for Cisco ASA

6 years agoMerge branch 'master' of https://git.bettercrypto.org/ach-master
Aaron Kaplan [Mon, 2 Dec 2013 20:04:19 +0000 (21:04 +0100)]
Merge branch 'master' of https://git.bettercrypto.org/ach-master

6 years agoalso put the presentation into git
Aaron Kaplan [Mon, 2 Dec 2013 20:00:06 +0000 (21:00 +0100)]
also put the presentation into git

6 years agomake sure that every "make pdf" re-generates the git info in the
Aaron Kaplan [Mon, 2 Dec 2013 19:58:41 +0000 (20:58 +0100)]
make sure that every "make pdf" re-generates the git info in the
pages' footer

6 years agoImproved Markdown Formatting of FAQ
Pepi Zawodsky [Mon, 2 Dec 2013 19:57:07 +0000 (20:57 +0100)]
Improved Markdown Formatting of FAQ

6 years agoImproved Markdown Formatting of README
Pepi Zawodsky [Mon, 2 Dec 2013 19:54:08 +0000 (20:54 +0100)]
Improved Markdown Formatting of README

6 years agoremark on the strength of 3DES
Aaron Kaplan [Mon, 2 Dec 2013 19:38:49 +0000 (20:38 +0100)]
remark on the strength of 3DES

6 years agowhite paper -> "guide"
Aaron Kaplan [Mon, 2 Dec 2013 19:38:19 +0000 (20:38 +0100)]
white paper -> "guide"

6 years agoadd a section on how to read this guide
Aaron Kaplan [Mon, 2 Dec 2013 19:38:00 +0000 (20:38 +0100)]
add a section on how to read this guide

6 years agoadd Berg San . Thanks for the DB section
Aaron Kaplan [Mon, 2 Dec 2013 17:52:51 +0000 (18:52 +0100)]
add Berg San . Thanks for the DB section

6 years agofix one todo from disclaimer.tex
Aaron Kaplan [Mon, 2 Dec 2013 11:08:39 +0000 (12:08 +0100)]
fix one todo from disclaimer.tex

6 years agorewrite openvpn section according to TODOs
cm [Sat, 30 Nov 2013 23:42:36 +0000 (00:42 +0100)]
rewrite openvpn section according to TODOs

6 years agoRemoved add_header X-Frame-Options DENY by suggestion of Christian Mock since it...
Pepi Zawodsky [Fri, 29 Nov 2013 18:52:19 +0000 (19:52 +0100)]
Removed add_header X-Frame-Options DENY by suggestion of Christian Mock since it is security- but not crypto related.

6 years agoFix typo (thanks to Adi)
Ralf Schlatterbeck [Fri, 29 Nov 2013 10:37:07 +0000 (11:37 +0100)]
Fix typo (thanks to Adi)

6 years agoCorrected misspelled namex
Pepi Zawodsky [Thu, 28 Nov 2013 14:36:36 +0000 (15:36 +0100)]
Corrected misspelled namex

6 years agominor formatting of a footnote: { } was missing
Aaron Kaplan [Thu, 28 Nov 2013 14:26:10 +0000 (15:26 +0100)]
minor formatting of a footnote: { } was missing

6 years agoadded section RNGs which was written by Ralf Schlatterbeck.
Aaron Kaplan [Thu, 28 Nov 2013 14:23:46 +0000 (15:23 +0100)]
added section RNGs which was written by Ralf Schlatterbeck.
Pls. review

6 years agoAdded nginx settings for DH parameters recommending at least the same bit length...
Pepi Zawodsky [Thu, 28 Nov 2013 13:13:15 +0000 (14:13 +0100)]
Added nginx settings for DH parameters recommending at least the same bit length as the RSA key used. Like Apache 2.4 implicily handles this.

6 years agonginx does't allow ssl_protocols to be excluded, only to be included. Our given examp...
Pepi Zawodsky [Thu, 28 Nov 2013 13:01:15 +0000 (14:01 +0100)]
nginx does't allow ssl_protocols to be excluded, only to be included. Our given example would be better but does not actually work in nginx (1.4.4, current stable as of 2013-11-28 14:00 CET). Corrected example to a working syntax.

6 years agoChanges nginx ECC curve selection example to the least-bad but actually widely suppor...
Pepi Zawodsky [Thu, 28 Nov 2013 12:58:15 +0000 (13:58 +0100)]
Changes nginx ECC curve selection example to the least-bad but actually widely supported curve which is secp384r1. The former sectk571k1 (Koblitz curve) would be a lot better, but is supported almost nowhere.

6 years agoinital introduction to the ssl libs section
Adi Kriegisch [Wed, 27 Nov 2013 15:02:57 +0000 (16:02 +0100)]
inital introduction to the ssl libs section

6 years agoapplied Berg San's patch from the mailing list as of 2013/11/26 19:23 UTC+2
Aaron Kaplan [Tue, 26 Nov 2013 19:19:12 +0000 (20:19 +0100)]
applied Berg San's patch from the mailing list as of 2013/11/26 19:23 UTC+2
+ Minor formatting improvement

6 years agoSplitting Cipher Suites section in multiple files
David Durvaux [Tue, 26 Nov 2013 17:05:56 +0000 (18:05 +0100)]
Splitting Cipher Suites section in multiple files

6 years agomodified crypto map to reflect cipher settings
Aaron Zauner [Tue, 26 Nov 2013 14:41:14 +0000 (15:41 +0100)]
modified crypto map to reflect cipher settings

6 years agoadded Cisco ASA IPsec + SSL VPN Settings
Aaron Zauner [Tue, 26 Nov 2013 13:57:05 +0000 (14:57 +0100)]
added Cisco ASA IPsec + SSL VPN Settings

6 years agoadded list on DH groups and bit security
Aaron Zauner [Tue, 26 Nov 2013 13:39:48 +0000 (14:39 +0100)]
added list on DH groups and bit security

6 years agoforgot a '"' while including "./practical_settings/proxy_solutions.tex" via \input{}
Aaron Kaplan [Tue, 26 Nov 2013 10:41:03 +0000 (11:41 +0100)]
forgot a '"' while including "./practical_settings/proxy_solutions.tex" via \input{}

6 years agofixes after practical settings refactoring
Wolfgang Breyha [Tue, 26 Nov 2013 10:32:42 +0000 (11:32 +0100)]
fixes after practical settings refactoring

6 years agoAdd missing files
David Durvaux [Tue, 26 Nov 2013 08:16:11 +0000 (09:16 +0100)]
Add missing files

6 years agoRefactor practical_settings to spli subsection in files
David Durvaux [Tue, 26 Nov 2013 06:19:44 +0000 (07:19 +0100)]
Refactor practical_settings to spli subsection in files

6 years agorephrasing
Aaron Kaplan [Tue, 26 Nov 2013 00:25:56 +0000 (01:25 +0100)]
rephrasing

6 years ago\newpage before a new section
Aaron Kaplan [Tue, 26 Nov 2013 00:23:50 +0000 (01:23 +0100)]
\newpage before a new section
erphrase abstract

6 years agoadd \newpage
Aaron Kaplan [Tue, 26 Nov 2013 00:11:54 +0000 (01:11 +0100)]
add \newpage

6 years agorephrase slightly
Aaron Kaplan [Tue, 26 Nov 2013 00:11:36 +0000 (01:11 +0100)]
rephrase slightly

6 years agore-format the new section as \begin{description} element.
Aaron Kaplan [Mon, 25 Nov 2013 23:26:15 +0000 (00:26 +0100)]
re-format the new section as \begin{description} element.
Feel free to change it if it should look differently.
Replaced quoting characters by real LaTeX quotation characters "``" and "''"

6 years agoMerge branch 'master' of https://git.bettercrypto.org/ach-master
Daniel Kovacic [Mon, 25 Nov 2013 22:25:04 +0000 (23:25 +0100)]
Merge branch 'master' of https://git.bettercrypto.org/ach-master

6 years agosection 8 very first proposal without sources and proper tex
Daniel Kovacic [Mon, 25 Nov 2013 22:23:41 +0000 (23:23 +0100)]
section 8 very first proposal without sources and proper tex

6 years agogive the other VPN subsections the structure based on template.tex
Aaron Kaplan [Mon, 25 Nov 2013 21:56:41 +0000 (22:56 +0100)]
give the other VPN subsections the structure based on template.tex

6 years agoadd radius
Aaron Kaplan [Mon, 25 Nov 2013 21:53:14 +0000 (22:53 +0100)]
add radius

6 years agoMerge branch 'master' of https://git.bettercrypto.org/ach-master
Aaron Kaplan [Mon, 25 Nov 2013 21:51:11 +0000 (22:51 +0100)]
Merge branch 'master' of https://git.bettercrypto.org/ach-master

6 years agostructure according to template.tex
Aaron Kaplan [Mon, 25 Nov 2013 21:50:49 +0000 (22:50 +0100)]
structure according to template.tex

6 years agomore clarification on SSH configuration
Aaron Zauner [Mon, 25 Nov 2013 21:48:46 +0000 (22:48 +0100)]
more clarification on SSH configuration

6 years agofix the formatting of template.tex (stupid \mbox{}s )
Aaron Kaplan [Mon, 25 Nov 2013 21:47:30 +0000 (22:47 +0100)]
fix the formatting of template.tex (stupid \mbox{}s )

6 years agomv SSH OpenSSH
Aaron Zauner [Mon, 25 Nov 2013 21:40:47 +0000 (22:40 +0100)]
mv SSH OpenSSH

6 years agonow just called "ipsec"
Aaron Zauner [Mon, 25 Nov 2013 21:37:52 +0000 (22:37 +0100)]
now just called "ipsec"

6 years agoMerge branch 'master' of https://git.bettercrypto.org/ach-master
Aaron Kaplan [Mon, 25 Nov 2013 21:37:01 +0000 (22:37 +0100)]
Merge branch 'master' of https://git.bettercrypto.org/ach-master

6 years agoadd ssl libs section
Aaron Kaplan [Mon, 25 Nov 2013 21:36:50 +0000 (22:36 +0100)]
add ssl libs section

6 years agoMerge branch 'master' of https://git.bettercrypto.org/ach-master
Aaron Zauner [Mon, 25 Nov 2013 21:33:18 +0000 (22:33 +0100)]
Merge branch 'master' of https://git.bettercrypto.org/ach-master

6 years agoreference to ssh-dss discussion/bug report added
Aaron Zauner [Mon, 25 Nov 2013 21:33:13 +0000 (22:33 +0100)]
reference to ssh-dss discussion/bug report added

6 years agoone todo less :)
Aaron Kaplan [Mon, 25 Nov 2013 21:30:24 +0000 (22:30 +0100)]
one todo less :)

6 years agoMerge branch 'master' of https://git.bettercrypto.org/ach-master
Aaron Zauner [Mon, 25 Nov 2013 21:27:38 +0000 (22:27 +0100)]
Merge branch 'master' of https://git.bettercrypto.org/ach-master

6 years agoclarification on DSA exclusion from openssh settings added
Aaron Zauner [Mon, 25 Nov 2013 21:27:33 +0000 (22:27 +0100)]
clarification on DSA exclusion from openssh settings added

6 years agoopenvpn: tls-cipher differences 2.2/2.3
cm [Mon, 25 Nov 2013 21:23:11 +0000 (22:23 +0100)]
openvpn: tls-cipher differences 2.2/2.3

6 years agoMerge branch 'master' of https://git.bettercrypto.org/ach-master
Aaron Kaplan [Mon, 25 Nov 2013 21:20:38 +0000 (22:20 +0100)]
Merge branch 'master' of https://git.bettercrypto.org/ach-master

6 years agore-formated the OpenVPN section to fit template.tex
Aaron Kaplan [Mon, 25 Nov 2013 21:20:09 +0000 (22:20 +0100)]
re-formated the OpenVPN section to fit template.tex

6 years agoMerge branch 'master' of https://git.bettercrypto.org/ach-master
Aaron Zauner [Mon, 25 Nov 2013 21:17:35 +0000 (22:17 +0100)]
Merge branch 'master' of https://git.bettercrypto.org/ach-master

6 years agobetter wording in PPTP section
Aaron Zauner [Mon, 25 Nov 2013 21:17:31 +0000 (22:17 +0100)]
better wording in PPTP section

6 years agoMerge branch 'master' of https://git.bettercrypto.org/ach-master
Aaron Kaplan [Mon, 25 Nov 2013 21:05:39 +0000 (22:05 +0100)]
Merge branch 'master' of https://git.bettercrypto.org/ach-master

6 years agoMerge branch 'master' of https://git.bettercrypto.org/ach-master
Aaron Zauner [Mon, 25 Nov 2013 21:05:30 +0000 (22:05 +0100)]
Merge branch 'master' of https://git.bettercrypto.org/ach-master

6 years agoremove german-only links
Aaron Zauner [Mon, 25 Nov 2013 21:05:26 +0000 (22:05 +0100)]
remove german-only links

6 years agochange the section of mysql and postgresql
Aaron Kaplan [Mon, 25 Nov 2013 21:03:52 +0000 (22:03 +0100)]
change the section of mysql and postgresql
just format it in the same structure as template.tex