ach-master.git
6 years agorephrasing and confusion.
Aaron Zauner [Tue, 17 Dec 2013 19:11:17 +0000 (20:11 +0100)]
rephrasing and confusion.

6 years agohence, we can get rid of this TODO here as well, i guess
Aaron Zauner [Tue, 17 Dec 2013 19:04:45 +0000 (20:04 +0100)]
hence, we can get rid of this TODO here as well, i guess

6 years agomv "strong enough" -> "strong", remove comment on GCM since GCM is a option. CTR...
Aaron Zauner [Tue, 17 Dec 2013 19:04:04 +0000 (20:04 +0100)]
mv "strong enough" -> "strong", remove comment on GCM since GCM is a option. CTR mode would actually be faster

6 years agoMerge branch 'master' of https://git.bettercrypto.org/ach-master
Aaron Kaplan [Tue, 17 Dec 2013 17:28:14 +0000 (18:28 +0100)]
Merge branch 'master' of https://git.bettercrypto.org/ach-master

6 years agoadded section on SHA by Florian Mendel. Thank you
Aaron Kaplan [Tue, 17 Dec 2013 17:27:47 +0000 (18:27 +0100)]
added section on SHA by Florian Mendel. Thank you

6 years agoreference for IPSEC PSK lenght
cm [Tue, 17 Dec 2013 15:57:06 +0000 (16:57 +0100)]
reference for IPSEC PSK lenght

6 years agounified text on testing ssh KEX setup
Aaron Zauner [Tue, 17 Dec 2013 15:48:24 +0000 (16:48 +0100)]
unified text on testing ssh KEX setup

6 years agoadded Cisco ASA and IOS SSH section written by kasten iwen. thanks!
Aaron Zauner [Tue, 17 Dec 2013 15:42:50 +0000 (16:42 +0100)]
added Cisco ASA and IOS SSH section written by kasten iwen. thanks!

6 years agotypo die die die
Aaron Kaplan [Tue, 17 Dec 2013 15:01:51 +0000 (16:01 +0100)]
typo die die die

6 years agoremove explicit mention of ssllabs since ssltest and sslyze can also be used as well...
Aaron Zauner [Tue, 17 Dec 2013 13:56:27 +0000 (14:56 +0100)]
remove explicit mention of ssllabs since ssltest and sslyze can also be used as well as other tools

6 years agoadd CIPHERSTRINGB to imapd.conf
Aaron Zauner [Tue, 17 Dec 2013 13:51:13 +0000 (14:51 +0100)]
add CIPHERSTRINGB to imapd.conf

6 years agoPKI: CA.pl is debian/ubuntu. specific, no such thing on RHEL or SLES or EL
Aaron Zauner [Tue, 17 Dec 2013 13:46:59 +0000 (14:46 +0100)]
PKI: CA.pl is debian/ubuntu. specific, no such thing on RHEL or SLES or EL

6 years agoensure \newpage for reviewers and further research section, add label
Aaron Zauner [Tue, 17 Dec 2013 13:38:29 +0000 (14:38 +0100)]
ensure \newpage for reviewers and further research section, add label

6 years agoclarify incorrect issuing by CAs
Aaron Zauner [Tue, 17 Dec 2013 13:23:18 +0000 (14:23 +0100)]
clarify incorrect issuing by CAs

6 years agoextended and corrected part on PKI/PKI hardening, added further research and references
Aaron Zauner [Tue, 17 Dec 2013 13:20:32 +0000 (14:20 +0100)]
extended and corrected part on PKI/PKI hardening, added further research and references

6 years agoforgot "::
Aaron Zauner [Tue, 17 Dec 2013 12:50:18 +0000 (13:50 +0100)]
forgot "::

6 years agomodify pound config to exclude SSLv3 but include our cipherstringb
Aaron Zauner [Tue, 17 Dec 2013 12:49:16 +0000 (13:49 +0100)]
modify pound config to exclude SSLv3 but include our cipherstringb

6 years agos/choices/options + \n
Aaron Zauner [Tue, 17 Dec 2013 12:46:15 +0000 (13:46 +0100)]
s/choices/options + \n

6 years agoreworked proxy section, rephrased and added content
Aaron Zauner [Tue, 17 Dec 2013 12:44:57 +0000 (13:44 +0100)]
reworked proxy section, rephrased and added content

6 years agoget rid of group 24 in ASA config
Aaron Zauner [Tue, 17 Dec 2013 12:34:09 +0000 (13:34 +0100)]
get rid of group 24 in ASA config

6 years ago+for
Aaron Zauner [Tue, 17 Dec 2013 12:26:25 +0000 (13:26 +0100)]
+for

6 years agomv AES-GCM AEAD
Aaron Zauner [Tue, 17 Dec 2013 12:25:52 +0000 (13:25 +0100)]
mv AES-GCM AEAD

6 years agogroup 24 is also a NIST curve :(
Aaron Zauner [Tue, 17 Dec 2013 12:24:26 +0000 (13:24 +0100)]
group 24 is also a NIST curve :(

6 years agoget rid of EC groups
Aaron Zauner [Tue, 17 Dec 2013 12:23:32 +0000 (13:23 +0100)]
get rid of EC groups

6 years agoget rid of comment to generate dh groups
Aaron Zauner [Tue, 17 Dec 2013 12:18:47 +0000 (13:18 +0100)]
get rid of comment to generate dh groups

6 years agoget rid of DH group 5 in ASA IKE policies
Aaron Zauner [Tue, 17 Dec 2013 12:17:36 +0000 (13:17 +0100)]
get rid of DH group 5 in ASA IKE policies

6 years agoget rid of GMAC in VPN section
Aaron Zauner [Tue, 17 Dec 2013 12:13:08 +0000 (13:13 +0100)]
get rid of GMAC in VPN section

6 years agoadded cipherstring keyword to webserver section
Aaron Zauner [Tue, 17 Dec 2013 12:08:28 +0000 (13:08 +0100)]
added cipherstring keyword to webserver section

6 years agochange sentence as recommended by karsten iwen
Aaron Zauner [Tue, 17 Dec 2013 10:09:12 +0000 (11:09 +0100)]
change sentence as recommended by karsten iwen

6 years agomove the "Ne boltai" picture to page 2.
Aaron Kaplan [Tue, 17 Dec 2013 09:51:59 +0000 (10:51 +0100)]
move the "Ne boltai" picture to page 2.

6 years agoadd Ulrich Poeschl to author list, thanks for the section on proxies
Aaron Kaplan [Tue, 17 Dec 2013 08:47:10 +0000 (09:47 +0100)]
add Ulrich Poeschl to author list, thanks for the section on proxies

6 years agookay, we have some text on PKis now
Aaron Kaplan [Tue, 17 Dec 2013 03:01:57 +0000 (04:01 +0100)]
okay, we have some text on PKis now

6 years agotypo
Aaron Kaplan [Tue, 17 Dec 2013 02:48:30 +0000 (03:48 +0100)]
typo

6 years agono such thing as complete information assurance
Aaron Kaplan [Tue, 17 Dec 2013 02:47:25 +0000 (03:47 +0100)]
no such thing as complete information assurance

6 years agoslight change of format / size in the how to read section
Aaron Kaplan [Tue, 17 Dec 2013 02:46:26 +0000 (03:46 +0100)]
slight change of format / size in the how to read section

6 years agoepigraph is nice but IMHO does not fit here
Aaron Kaplan [Tue, 17 Dec 2013 02:45:44 +0000 (03:45 +0100)]
epigraph is nice but IMHO does not fit here

6 years agofixed formatting of the flow graph
Aaron Kaplan [Tue, 17 Dec 2013 02:38:50 +0000 (03:38 +0100)]
fixed formatting of the flow graph

6 years agoupdate reality in TODO.txt
Aaron Kaplan [Tue, 17 Dec 2013 02:02:39 +0000 (03:02 +0100)]
update reality in TODO.txt

6 years agoadd items from our TODO.txt list to the further research section.
Aaron Kaplan [Tue, 17 Dec 2013 02:01:32 +0000 (03:01 +0100)]
add items from our TODO.txt list to the further research section.
This way, readers can know what we are still missing and where they could help out with the documentation

6 years agocomment out empty section
Aaron Kaplan [Tue, 17 Dec 2013 01:11:45 +0000 (02:11 +0100)]
comment out empty section

6 years agoproof of my mail signature. No claim without proof or reference!
Aaron Kaplan [Tue, 17 Dec 2013 01:09:41 +0000 (02:09 +0100)]
proof of my mail signature. No claim without proof or reference!

6 years agoadd comment on RSA keys to asa section
Aaron Zauner [Mon, 16 Dec 2013 23:42:18 +0000 (00:42 +0100)]
add comment on RSA keys to asa section

6 years agoMerge branch 'master' of https://git.bettercrypto.org/ach-master
Aaron Zauner [Mon, 16 Dec 2013 23:41:15 +0000 (00:41 +0100)]
Merge branch 'master' of https://git.bettercrypto.org/ach-master

6 years agoadd references and suggestions as recommended by karsten iwen to the Cisco ASA section
Aaron Zauner [Mon, 16 Dec 2013 23:41:11 +0000 (00:41 +0100)]
add references and suggestions as recommended by karsten iwen to the Cisco ASA section

6 years agoMerge branch 'master' of https://git.bettercrypto.org/ach-master
cm [Mon, 16 Dec 2013 23:19:51 +0000 (00:19 +0100)]
Merge branch 'master' of https://git.bettercrypto.org/ach-master

6 years agousepackage{longtable} for cipher suite name table
cm [Mon, 16 Dec 2013 23:19:45 +0000 (00:19 +0100)]
usepackage{longtable} for cipher suite name table

6 years agoMerge branch 'master' of https://git.bettercrypto.org/ach-master
Aaron Zauner [Mon, 16 Dec 2013 23:17:21 +0000 (00:17 +0100)]
Merge branch 'master' of https://git.bettercrypto.org/ach-master

6 years agomore debug output for testing openssh
Aaron Zauner [Mon, 16 Dec 2013 23:17:17 +0000 (00:17 +0100)]
more debug output for testing openssh

6 years agoMerge branch 'master' of https://git.bettercrypto.org/ach-master
Aaron Zauner [Mon, 16 Dec 2013 23:10:54 +0000 (00:10 +0100)]
Merge branch 'master' of https://git.bettercrypto.org/ach-master

6 years agoadd postels law as quote to propaganda page :)
Aaron Zauner [Mon, 16 Dec 2013 23:10:50 +0000 (00:10 +0100)]
add postels law as quote to propaganda page :)

6 years agoMerge branch 'master' of https://git.bettercrypto.org/ach-master
cm [Mon, 16 Dec 2013 23:10:07 +0000 (00:10 +0100)]
Merge branch 'master' of https://git.bettercrypto.org/ach-master

6 years agoMerge branch 'master' of https://git.bettercrypto.org/ach-master
cm [Mon, 16 Dec 2013 23:07:55 +0000 (00:07 +0100)]
Merge branch 'master' of https://git.bettercrypto.org/ach-master

6 years agoadded cipher suite name appendix
cm [Mon, 16 Dec 2013 23:07:22 +0000 (00:07 +0100)]
added cipher suite name appendix

6 years agoremove \newline
Aaron Kaplan [Mon, 16 Dec 2013 23:03:54 +0000 (00:03 +0100)]
remove \newline

6 years agohow to read flow graph
Aaron Kaplan [Mon, 16 Dec 2013 23:03:33 +0000 (00:03 +0100)]
how to read flow graph

6 years agotypos
Aaron Kaplan [Mon, 16 Dec 2013 23:02:41 +0000 (00:02 +0100)]
typos

6 years agoMerge branch 'master' of https://git.bettercrypto.org/ach-master
Aaron Zauner [Mon, 16 Dec 2013 23:00:52 +0000 (00:00 +0100)]
Merge branch 'master' of https://git.bettercrypto.org/ach-master

6 years agoadded openssh version
Aaron Zauner [Mon, 16 Dec 2013 23:00:47 +0000 (00:00 +0100)]
added openssh version

6 years agotypo
Aaron Kaplan [Mon, 16 Dec 2013 23:00:40 +0000 (00:00 +0100)]
typo

6 years agoMerge branch 'master' of https://git.bettercrypto.org/ach-master
Aaron Kaplan [Mon, 16 Dec 2013 22:59:57 +0000 (23:59 +0100)]
Merge branch 'master' of https://git.bettercrypto.org/ach-master

6 years agoremove \newpage
Aaron Kaplan [Mon, 16 Dec 2013 22:56:37 +0000 (23:56 +0100)]
remove \newpage

6 years agoremove \newpages
Aaron Kaplan [Mon, 16 Dec 2013 22:56:18 +0000 (23:56 +0100)]
remove \newpages

6 years agominor formatting. Dont need to escape % in listings
Aaron Kaplan [Mon, 16 Dec 2013 22:55:47 +0000 (23:55 +0100)]
minor formatting. Dont need to escape % in listings

6 years agoadded WP links for malleability and CTS
Aaron Zauner [Mon, 16 Dec 2013 22:53:01 +0000 (23:53 +0100)]
added WP links for malleability and CTS

6 years agoMerge branch 'master' of https://git.bettercrypto.org/ach-master
Adi Kriegisch [Mon, 16 Dec 2013 22:52:34 +0000 (23:52 +0100)]
Merge branch 'master' of https://git.bettercrypto.org/ach-master

6 years agoadded section about authentication
Adi Kriegisch [Mon, 16 Dec 2013 22:52:19 +0000 (23:52 +0100)]
added section about authentication

6 years agoadd flowchart
Aaron Kaplan [Mon, 16 Dec 2013 22:52:05 +0000 (23:52 +0100)]
add flowchart

6 years agoadd flow chart
Aaron Kaplan [Mon, 16 Dec 2013 22:51:52 +0000 (23:51 +0100)]
add flow chart

6 years agoadded links on RNGs and TLS attacks
Aaron Zauner [Mon, 16 Dec 2013 22:51:24 +0000 (23:51 +0100)]
added links on RNGs and TLS attacks

6 years agofixed some wording in key exchange
Adi Kriegisch [Mon, 16 Dec 2013 22:35:20 +0000 (23:35 +0100)]
fixed some wording in key exchange

6 years agourl in ref
Thomas Schreck [Mon, 16 Dec 2013 22:04:06 +0000 (23:04 +0100)]
url in ref

6 years agobug in PKI section
Thomas Schreck [Mon, 16 Dec 2013 21:58:42 +0000 (22:58 +0100)]
bug in PKI section

6 years agoMerge branch 'master' of https://git.bettercrypto.org/ach-master
Thomas Schreck [Mon, 16 Dec 2013 21:45:37 +0000 (22:45 +0100)]
Merge branch 'master' of https://git.bettercrypto.org/ach-master

6 years agosome changes to PKI
Thomas Schreck [Mon, 16 Dec 2013 21:45:12 +0000 (22:45 +0100)]
some changes to PKI

6 years agoMerge branch 'master' of https://git.bettercrypto.org/ach-master
cm [Mon, 16 Dec 2013 21:43:27 +0000 (22:43 +0100)]
Merge branch 'master' of https://git.bettercrypto.org/ach-master

6 years agoput cite references to RFCs
cm [Mon, 16 Dec 2013 21:43:21 +0000 (22:43 +0100)]
put cite references to RFCs

6 years agoclean generated tex files
Aaron Kaplan [Mon, 16 Dec 2013 21:43:08 +0000 (22:43 +0100)]
clean generated tex files

6 years agoadd Thomas Schreck as co-author. Thanks for the great PKI section!
Aaron Kaplan [Mon, 16 Dec 2013 21:29:09 +0000 (22:29 +0100)]
add Thomas Schreck as co-author. Thanks for the great PKI section!

6 years agoMerge branch 'master' of https://git.bettercrypto.org/ach-master
Aaron Kaplan [Mon, 16 Dec 2013 21:17:11 +0000 (22:17 +0100)]
Merge branch 'master' of https://git.bettercrypto.org/ach-master

6 years agofix structure. Add test in nginx
Aaron Kaplan [Mon, 16 Dec 2013 21:16:55 +0000 (22:16 +0100)]
fix structure. Add test in nginx

6 years agoMerge branch 'master' of https://git.bettercrypto.org/ach-master
Thomas Schreck [Mon, 16 Dec 2013 21:14:28 +0000 (22:14 +0100)]
Merge branch 'master' of https://git.bettercrypto.org/ach-master

6 years agoMerge branch 'master' of https://git.bettercrypto.org/ach-master
Thomas Schreck [Mon, 16 Dec 2013 21:14:18 +0000 (22:14 +0100)]
Merge branch 'master' of https://git.bettercrypto.org/ach-master

Conflicts:
src/PKIs.tex

6 years agoMerge branch 'master' of https://git.bettercrypto.org/ach-master
Aaron Kaplan [Mon, 16 Dec 2013 21:11:25 +0000 (22:11 +0100)]
Merge branch 'master' of https://git.bettercrypto.org/ach-master

6 years agodamn you perl
Aaron Kaplan [Mon, 16 Dec 2013 21:11:15 +0000 (22:11 +0100)]
damn you perl

6 years agotodo removed (already done)
Adi Kriegisch [Mon, 16 Dec 2013 21:07:00 +0000 (22:07 +0100)]
todo removed (already done)

6 years agofixed typo
Adi Kriegisch [Mon, 16 Dec 2013 21:05:31 +0000 (22:05 +0100)]
fixed typo

6 years agoMerge branch 'master' of https://git.bettercrypto.org/ach-master
Adi Kriegisch [Mon, 16 Dec 2013 21:02:46 +0000 (22:02 +0100)]
Merge branch 'master' of https://git.bettercrypto.org/ach-master

6 years agossllibs done for the moment
Adi Kriegisch [Mon, 16 Dec 2013 21:02:36 +0000 (22:02 +0100)]
ssllibs done for the moment

6 years agonew text
Thomas Schreck [Mon, 16 Dec 2013 20:58:42 +0000 (21:58 +0100)]
new text

6 years agoMerge branch 'master' of https://git.bettercrypto.org/ach-master
Aaron Kaplan [Mon, 16 Dec 2013 20:54:28 +0000 (21:54 +0100)]
Merge branch 'master' of https://git.bettercrypto.org/ach-master

6 years agoMerge github.com:BetterCrypto/Applied-Crypto-Hardening
Aaron Kaplan [Mon, 16 Dec 2013 20:54:03 +0000 (21:54 +0100)]
Merge github.com:BetterCrypto/Applied-Crypto-Hardening

Conflicts:
src/practical_settings/DBs.tex

6 years agorecommend IKE DH groups
cm [Mon, 16 Dec 2013 20:50:27 +0000 (21:50 +0100)]
recommend IKE DH groups

6 years agorestructure into subsections - since we now use the report style
Aaron Kaplan [Mon, 16 Dec 2013 20:48:49 +0000 (21:48 +0100)]
restructure into subsections - since we now use the report style

6 years agoinclude latest changes from Berg
Aaron Kaplan [Mon, 16 Dec 2013 20:48:13 +0000 (21:48 +0100)]
include latest changes from Berg

6 years agoautomatically generate the _template.tex files ... also in the Makefile
Aaron Kaplan [Mon, 16 Dec 2013 20:45:36 +0000 (21:45 +0100)]
automatically generate the _template.tex files ... also in the Makefile

6 years agoMerge branch 'master' of https://git.bettercrypto.org/ach-master
Aaron Kaplan [Mon, 16 Dec 2013 20:45:03 +0000 (21:45 +0100)]
Merge branch 'master' of https://git.bettercrypto.org/ach-master

6 years agoignore certain files. Fix the script
Aaron Kaplan [Mon, 16 Dec 2013 20:44:46 +0000 (21:44 +0100)]
ignore certain files. Fix the script

6 years agoMerge pull request #14 from berq/patch-14
AaronK [Mon, 16 Dec 2013 20:33:34 +0000 (12:33 -0800)]
Merge pull request #14 from berq/patch-14

beautify & mysql reference added

6 years agomore details to ssl libs
Adi Kriegisch [Mon, 16 Dec 2013 20:24:05 +0000 (21:24 +0100)]
more details to ssl libs

6 years agobeautify & mysql reference added
berq [Mon, 16 Dec 2013 20:22:39 +0000 (21:22 +0100)]
beautify & mysql reference added