ach-master.git
5 years agoDisable SSLv3 for Dovecot
Christian Mehlmauer [Fri, 17 Oct 2014 20:42:55 +0000 (22:42 +0200)]
Disable SSLv3 for Dovecot

5 years agoMerge pull request #73 from oe1rfc/master
Aaron Zauner [Mon, 6 Oct 2014 00:17:08 +0000 (02:17 +0200)]
Merge pull request #73 from oe1rfc/master

nginx/https-redirect: redirect to request domain, ditch regex

5 years agonginx/https-redirect: use return instead of rewrite regex, $host instead of $server_name
Clemens Hopfer [Sun, 5 Oct 2014 18:55:46 +0000 (20:55 +0200)]
nginx/https-redirect: use return instead of rewrite regex, $host instead of $server_name

5 years agoMerge pull request #72 from oparoz/patch-2
Aaron Zauner [Sun, 28 Sep 2014 20:07:11 +0000 (22:07 +0200)]
Merge pull request #72 from oparoz/patch-2

Added 2 bash scripts

5 years agoAdded 2 bash scripts
Olivier Paroz [Fri, 26 Sep 2014 11:04:32 +0000 (13:04 +0200)]
Added 2 bash scripts

Those scripts use openssl to parse the data and present nice summaries.

```
linux $ ./cipherscan www.google.com:443
...................
prio  ciphersuite                  protocols                    pfs_keysize
1     ECDHE-RSA-CHACHA20-POLY1305  TLSv1.2                      ECDH,P-256,256bits
2     ECDHE-RSA-AES128-GCM-SHA256  TLSv1.2                      ECDH,P-256,256bits
3     ECDHE-RSA-AES128-SHA         TLSv1.1,TLSv1.2              ECDH,P-256,256bits
4     ECDHE-RSA-RC4-SHA            SSLv3,TLSv1,TLSv1.1,TLSv1.2  ECDH,P-256,256bits
5     AES128-GCM-SHA256            TLSv1.2
6     AES128-SHA256                TLSv1.2
7     AES128-SHA                   TLSv1.1,TLSv1.2
8     RC4-SHA                      SSLv3,TLSv1,TLSv1.1,TLSv1.2
9     RC4-MD5                      SSLv3,TLSv1,TLSv1.1,TLSv1.2
10    ECDHE-RSA-AES256-GCM-SHA384  TLSv1.2                      ECDH,P-256,256bits
11    ECDHE-RSA-AES256-SHA384      TLSv1.2                      ECDH,P-256,256bits
12    ECDHE-RSA-AES256-SHA         SSLv3,TLSv1,TLSv1.1,TLSv1.2  ECDH,P-256,256bits
13    AES256-GCM-SHA384            TLSv1.2
14    AES256-SHA256                TLSv1.2
15    AES256-SHA                   SSLv3,TLSv1,TLSv1.1,TLSv1.2
16    ECDHE-RSA-DES-CBC3-SHA       SSLv3,TLSv1,TLSv1.1,TLSv1.2  ECDH,P-256,256bits
17    DES-CBC3-SHA                 SSLv3,TLSv1,TLSv1.1,TLSv1.2
18    ECDHE-RSA-AES128-SHA256      TLSv1.2                      ECDH,P-256,256bits

Certificate: trusted, 2048 bit, sha1WithRSAEncryption signature
```

and
https://cloud.githubusercontent.com/assets/8036727/4375481/a521aee8-433c-11e4-9c37-c48464da80a1.jpg

5 years agolighttpd: fix dh-file and ec-curve setting
Adi Kriegisch [Tue, 15 Jul 2014 09:17:33 +0000 (11:17 +0200)]
lighttpd: fix dh-file and ec-curve setting

5 years agoMerge pull request #68 from schwindp/patch-1
AaronK [Fri, 11 Jul 2014 12:33:07 +0000 (14:33 +0200)]
Merge pull request #68 from schwindp/patch-1

Update im.tex - Thanks for the typo fixing!

5 years agoUpdate im.tex
Peter Schwindt [Fri, 11 Jul 2014 12:21:29 +0000 (14:21 +0200)]
Update im.tex

Only fix some typos this time.

5 years agoMerge branch 'master' of https://git.bettercrypto.org/ach-master
Adi Kriegisch [Mon, 7 Jul 2014 19:26:07 +0000 (21:26 +0200)]
Merge branch 'master' of https://git.bettercrypto.org/ach-master

5 years agoconsens about 4096bit minimum bit length (implementation implemented)
Adi Kriegisch [Mon, 7 Jul 2014 19:25:40 +0000 (21:25 +0200)]
consens about 4096bit minimum bit length (implementation implemented)

5 years agochange apache rewrite to redirect
cm [Mon, 7 Jul 2014 18:00:27 +0000 (20:00 +0200)]
change apache rewrite to redirect

5 years agoTODO: Some links are bogus to the website instead of staying within the PDF.
Pepi Zawodsky [Sat, 21 Jun 2014 14:38:47 +0000 (16:38 +0200)]
TODO: Some links are bogus to the website instead of staying within the PDF.

5 years agoFix date in PDF
David Durvaux [Thu, 12 Jun 2014 11:18:02 +0000 (13:18 +0200)]
Fix date in PDF

5 years agoPresentation as done M3AAWG/31
David Durvaux [Thu, 12 Jun 2014 07:45:10 +0000 (09:45 +0200)]
Presentation as done M3AAWG/31

5 years agoAs done
David Durvaux [Mon, 9 Jun 2014 15:28:30 +0000 (17:28 +0200)]
As done

5 years agoAdding presentation for Thursday 12/06 - panel discussion
David Durvaux [Mon, 9 Jun 2014 11:01:14 +0000 (13:01 +0200)]
Adding presentation for Thursday 12/06 - panel discussion

5 years agoLast version (discussion with Aaron)
David Durvaux [Sun, 8 Jun 2014 22:08:58 +0000 (00:08 +0200)]
Last version (discussion with Aaron)

5 years agoAdd some comments for presenter ;)
David Durvaux [Sun, 8 Jun 2014 16:00:22 +0000 (18:00 +0200)]
Add some comments for presenter ;)

5 years agoFinal version for presentation
David Durvaux [Sat, 7 Jun 2014 08:53:03 +0000 (10:53 +0200)]
Final version for presentation

5 years agoFinal presentation for M3AWWG
David Durvaux [Fri, 6 Jun 2014 16:33:50 +0000 (18:33 +0200)]
Final presentation for M3AWWG

5 years agoMerge https://github.com/martin-rublik/Applied-Crypto-Hardening
Aaron Zauner [Fri, 6 Jun 2014 14:47:22 +0000 (16:47 +0200)]
Merge https://github.com/martin-rublik/Applied-Crypto-Hardening

5 years agoMerge https://github.com/krono/Applied-Crypto-Hardening
Aaron Zauner [Fri, 6 Jun 2014 14:44:43 +0000 (16:44 +0200)]
Merge https://github.com/krono/Applied-Crypto-Hardening

5 years agoFix glossaries on <tl2012
Tobias Pape [Wed, 4 Jun 2014 11:05:53 +0000 (13:05 +0200)]
Fix glossaries on <tl2012

xindy prior to 2013 does not handle missing \printglossaries
correctly, so switch to makeindex

5 years agoFix tex stuf as requested by TODO2
Tobias Pape [Tue, 3 Jun 2014 21:57:23 +0000 (23:57 +0200)]
Fix tex stuf as requested by TODO2

5 years agoMerge branch 'master' of https://git.bettercrypto.org/ach-master
Aaron Kaplan [Tue, 3 Jun 2014 20:47:38 +0000 (22:47 +0200)]
Merge branch 'master' of https://git.bettercrypto.org/ach-master

5 years agoignore the gloassary for now
Aaron Kaplan [Tue, 3 Jun 2014 20:47:05 +0000 (22:47 +0200)]
ignore the gloassary for now
make two pdflatex runs in order to have the refs done correctly

5 years agoMerge branch 'master' of https://git.bettercrypto.org/ach-master
cm [Tue, 3 Jun 2014 20:41:07 +0000 (22:41 +0200)]
Merge branch 'master' of https://git.bettercrypto.org/ach-master

5 years agoupdates IANA cipher suites
cm [Tue, 3 Jun 2014 20:40:55 +0000 (22:40 +0200)]
updates IANA cipher suites

5 years agocomment out the chosing your own cipher section since it is not finished
Aaron Kaplan [Tue, 3 Jun 2014 20:40:26 +0000 (22:40 +0200)]
comment out the chosing your own cipher section since it is not finished

5 years agoAzet found a way to include the ephermeral handshakes which work in older openssl...
Aaron Kaplan [Tue, 3 Jun 2014 20:39:33 +0000 (22:39 +0200)]
Azet found a way to include the ephermeral handshakes which work in older openssl versions as well as in newer ones.
See also: http://lists.cert.at/pipermail/ach/2014-May/001355.html

5 years agoremove todo
Aaron Kaplan [Tue, 3 Jun 2014 20:12:18 +0000 (22:12 +0200)]
remove todo

5 years agorevert
Aaron Kaplan [Tue, 3 Jun 2014 20:11:56 +0000 (22:11 +0200)]
revert

5 years agoaccomodate for different latex output warnings about undefined refs
Aaron Kaplan [Tue, 3 Jun 2014 20:10:28 +0000 (22:10 +0200)]
accomodate for different latex output warnings about undefined refs

5 years agoreformulate
Aaron Kaplan [Tue, 3 Jun 2014 19:57:34 +0000 (21:57 +0200)]
reformulate

5 years agouploaded the dhparams to the web page /static/dhparams
Aaron Kaplan [Tue, 3 Jun 2014 19:56:40 +0000 (21:56 +0200)]
uploaded the dhparams to the web page /static/dhparams
Reference the URL from the PDF.

5 years agosame
Aaron Kaplan [Tue, 3 Jun 2014 19:43:18 +0000 (21:43 +0200)]
same

5 years agoseclayer_tcp will be commented out if nothing comes from the involved parties
Aaron Kaplan [Tue, 3 Jun 2014 19:42:31 +0000 (21:42 +0200)]
seclayer_tcp will be commented out if nothing comes from the involved parties

5 years agosquid is commented out for now until we know that it was tested
Aaron Kaplan [Tue, 3 Jun 2014 19:41:01 +0000 (21:41 +0200)]
squid is commented out for now until we know that it was tested

5 years agoMerge branch 'master' of https://git.bettercrypto.org/ach-master
Aaron Kaplan [Tue, 3 Jun 2014 19:38:30 +0000 (21:38 +0200)]
Merge branch 'master' of https://git.bettercrypto.org/ach-master

5 years agoremove \todos - >
Aaron Kaplan [Tue, 3 Jun 2014 19:38:12 +0000 (21:38 +0200)]
remove \todos - >
% XXX ask the author XXX

5 years agoMerge branch 'master' of https://git.bettercrypto.org/ach-master
cm [Tue, 3 Jun 2014 19:22:32 +0000 (21:22 +0200)]
Merge branch 'master' of https://git.bettercrypto.org/ach-master

5 years agookay, we do need to add references to ejabberd
Aaron Kaplan [Tue, 3 Jun 2014 19:21:34 +0000 (21:21 +0200)]
okay, we do need to add references to ejabberd

5 years agoMerge branch 'master' of https://git.bettercrypto.org/ach-master
cm [Tue, 3 Jun 2014 19:20:54 +0000 (21:20 +0200)]
Merge branch 'master' of https://git.bettercrypto.org/ach-master

5 years agoadded link to gutmanns x.509 text
cm [Tue, 3 Jun 2014 19:20:50 +0000 (21:20 +0200)]
added link to gutmanns x.509 text

5 years agoopenswan
Aaron Kaplan [Tue, 3 Jun 2014 19:10:20 +0000 (21:10 +0200)]
openswan

5 years agoIKE ike ike
Aaron Kaplan [Tue, 3 Jun 2014 18:58:48 +0000 (20:58 +0200)]
IKE ike ike

5 years agoctable is here
Aaron Kaplan [Tue, 3 Jun 2014 18:46:42 +0000 (20:46 +0200)]
ctable is here

5 years agonote to Wolfgang
Aaron Kaplan [Tue, 3 Jun 2014 18:19:17 +0000 (20:19 +0200)]
note to Wolfgang

5 years agotyposquatting
Aaron Kaplan [Tue, 3 Jun 2014 18:12:30 +0000 (20:12 +0200)]
typosquatting

5 years agoclarify wording
Aaron Kaplan [Tue, 3 Jun 2014 18:10:43 +0000 (20:10 +0200)]
clarify wording

5 years agonotes
Aaron Kaplan [Tue, 3 Jun 2014 18:04:04 +0000 (20:04 +0200)]
notes

5 years agoreformulate
Aaron Kaplan [Tue, 3 Jun 2014 18:00:19 +0000 (20:00 +0200)]
reformulate

5 years agotypo
Aaron Kaplan [Tue, 3 Jun 2014 17:58:57 +0000 (19:58 +0200)]
typo

5 years agofurhter clarify ECDSA/Schannel usage
Aaron Zauner [Tue, 3 Jun 2014 17:58:06 +0000 (19:58 +0200)]
furhter clarify ECDSA/Schannel usage

5 years agoMerge branch 'master' of https://git.bettercrypto.org/ach-master
Aaron Zauner [Tue, 3 Jun 2014 17:51:57 +0000 (19:51 +0200)]
Merge branch 'master' of https://git.bettercrypto.org/ach-master

5 years agoclarify SChannel ciphersuite use by microsoft
Aaron Zauner [Tue, 3 Jun 2014 17:51:49 +0000 (19:51 +0200)]
clarify SChannel ciphersuite use by microsoft

5 years agotypo
Aaron Kaplan [Tue, 3 Jun 2014 17:45:00 +0000 (19:45 +0200)]
typo
document what we are still missing in the testing part

5 years agoadd guttman's references
Aaron Kaplan [Tue, 3 Jun 2014 17:41:57 +0000 (19:41 +0200)]
add guttman's references

5 years agoclarify in the beginning what we mean by cipherstring A and B
Aaron Kaplan [Tue, 3 Jun 2014 17:34:28 +0000 (19:34 +0200)]
clarify in the beginning what we mean by cipherstring A and B

5 years agonotes from todo
Aaron Kaplan [Tue, 3 Jun 2014 17:21:14 +0000 (19:21 +0200)]
notes from todo

5 years agoglossary example removed from the final release
Aaron Kaplan [Tue, 3 Jun 2014 17:18:29 +0000 (19:18 +0200)]
glossary example removed from the final release

5 years agonote the TODO for formatting
Aaron Kaplan [Tue, 3 Jun 2014 17:15:07 +0000 (19:15 +0200)]
note the TODO for formatting
move list of listings and glossary to the end

5 years agothe the
Aaron Kaplan [Tue, 3 Jun 2014 17:09:23 +0000 (19:09 +0200)]
the the

5 years agoMerge branch 'master' of https://git.bettercrypto.org/ach-master
Aaron Kaplan [Tue, 3 Jun 2014 17:06:36 +0000 (19:06 +0200)]
Merge branch 'master' of https://git.bettercrypto.org/ach-master

Conflicts:
presentations/M3AWWG/draft_m3aawg.pptx

5 years agofixed MANY typos
Aaron Kaplan [Tue, 3 Jun 2014 17:05:00 +0000 (19:05 +0200)]
fixed MANY typos
please take a look at azet's , pepi's slide sets
We still need more focus on mail server settings for the M3AAWG meeting

5 years agoMerge branch 'master' of https://git.bettercrypto.org/ach-master
Aaron Zauner [Tue, 3 Jun 2014 16:37:04 +0000 (18:37 +0200)]
Merge branch 'master' of https://git.bettercrypto.org/ach-master

5 years agoadd contents for a few abbriviations
Aaron Zauner [Tue, 3 Jun 2014 16:36:38 +0000 (18:36 +0200)]
add contents for a few abbriviations

5 years agoFinal draft version
David Durvaux [Mon, 2 Jun 2014 13:20:33 +0000 (15:20 +0200)]
Final draft version

5 years agoHSTS: slightly reworded and spelling corrected
martin-rublik [Mon, 2 Jun 2014 13:14:56 +0000 (14:14 +0100)]
HSTS: slightly reworded and spelling corrected

5 years agoRevert "fix typos and grammar"
David Durvaux [Mon, 2 Jun 2014 12:23:58 +0000 (14:23 +0200)]
Revert "fix typos and grammar"

This reverts commit 2b6de2dcb853279ef51e23af7b0f4bbb187ae7cc.

5 years agofix typos and grammar
Aaron Kaplan [Mon, 2 Jun 2014 12:10:17 +0000 (14:10 +0200)]
fix typos and grammar
clarify some slides

5 years agodraft with Joe comments
David Durvaux [Mon, 2 Jun 2014 10:18:46 +0000 (12:18 +0200)]
draft with Joe comments

5 years agoMerge remote-tracking branch 'upstream/master'
martin-rublik [Mon, 2 Jun 2014 09:49:01 +0000 (10:49 +0100)]
Merge remote-tracking branch 'upstream/master'

5 years agoAdding small script to measure time
David Durvaux [Mon, 2 Jun 2014 07:13:16 +0000 (09:13 +0200)]
Adding small script to measure time

5 years agoAdd a slide on GPG vs AES
David Durvaux [Wed, 28 May 2014 15:31:29 +0000 (17:31 +0200)]
Add a slide on GPG vs AES

5 years agoUpdate draft PDF
David Durvaux [Wed, 28 May 2014 15:31:07 +0000 (17:31 +0200)]
Update draft PDF

5 years agoAdd a slide on GPG vs AES
David Durvaux [Wed, 28 May 2014 15:29:40 +0000 (17:29 +0200)]
Add a slide on GPG vs AES

5 years agoVersion++ M3AAWG
David Durvaux [Wed, 28 May 2014 04:59:28 +0000 (06:59 +0200)]
Version++ M3AAWG

5 years agoVersion++ M3AAWG
David Durvaux [Wed, 28 May 2014 04:55:10 +0000 (06:55 +0200)]
Version++ M3AAWG

5 years agogenerate a PDF file
David Durvaux [Tue, 27 May 2014 16:22:45 +0000 (18:22 +0200)]
generate a PDF file

5 years agoContinue
David Durvaux [Tue, 27 May 2014 16:20:03 +0000 (18:20 +0200)]
Continue

5 years agoGPG draft added to M3AAWG presentation
David Durvaux [Tue, 27 May 2014 05:02:20 +0000 (07:02 +0200)]
GPG draft added to M3AAWG presentation

5 years agoGPG draft added to M3AAWG presentation
David Durvaux [Tue, 27 May 2014 05:01:53 +0000 (07:01 +0200)]
GPG draft added to M3AAWG presentation

5 years agoMerge branch 'master' of https://git.bettercrypto.org/ach-master
David Durvaux [Mon, 26 May 2014 15:17:32 +0000 (17:17 +0200)]
Merge branch 'master' of https://git.bettercrypto.org/ach-master

5 years agostructure ok for M3AAWG
David Durvaux [Mon, 26 May 2014 15:17:21 +0000 (17:17 +0200)]
structure ok for M3AAWG

5 years agoAdded request for CSRs, Cert revocaton and cert/key management by @yawnbox
Pepi Zawodsky [Fri, 23 May 2014 21:15:52 +0000 (23:15 +0200)]
Added request for CSRs, Cert revocaton and cert/key management by @yawnbox

5 years agodraft advancing
David Durvaux [Fri, 23 May 2014 15:38:15 +0000 (17:38 +0200)]
draft advancing

5 years agoUpdate M3AAWG
David Durvaux [Fri, 23 May 2014 05:25:40 +0000 (07:25 +0200)]
Update M3AAWG

5 years agoMerge remote-tracking branch 'upstream/master'
martin-rublik [Wed, 21 May 2014 07:22:55 +0000 (08:22 +0100)]
Merge remote-tracking branch 'upstream/master'

5 years agoadd IRC information
Aaron Zauner [Thu, 15 May 2014 12:48:36 +0000 (14:48 +0200)]
add IRC information

5 years agoripe presetnation - final version
Aaron Kaplan [Sun, 11 May 2014 10:32:49 +0000 (12:32 +0200)]
ripe presetnation - final version

5 years agoMerge https://git.bettercrypto.org/ach-master
Aaron Kaplan [Sun, 11 May 2014 10:31:45 +0000 (12:31 +0200)]
Merge https://git.bettercrypto.org/ach-master

5 years agoMerge pull request #65 from krono/master
AaronK [Sat, 10 May 2014 09:00:49 +0000 (11:00 +0200)]
Merge pull request #65 from krono/master

Activate font maps (necessary for TL <2013, at least)

5 years agoActivate font maps (necessary for TL <2013, at least)
Tobias Pape [Fri, 9 May 2014 22:05:20 +0000 (00:05 +0200)]
Activate font maps (necessary for TL <2013, at least)

5 years agoMerge pull request #64 from krono/master
AaronK [Fri, 9 May 2014 13:46:46 +0000 (15:46 +0200)]
Merge pull request #64 from krono/master

do not autounindent currently, it seems broken

5 years agodo not autounindent currently, it seems broken
Tobias Pape [Fri, 9 May 2014 13:43:20 +0000 (15:43 +0200)]
do not autounindent currently, it seems broken

``I do not want to by this record, it is scratched''

5 years agoMerge pull request #63 from krono/master
AaronK [Fri, 9 May 2014 12:55:19 +0000 (14:55 +0200)]
Merge pull request #63 from krono/master

sometimes hyperref does not like the hash symbol

5 years agosometimes hyperref does not like the hash symbol
Tobias Pape [Fri, 9 May 2014 12:47:38 +0000 (14:47 +0200)]
sometimes hyperref does not like the hash symbol

5 years agoMerge pull request #62 from krono/master
AaronK [Fri, 9 May 2014 12:35:23 +0000 (14:35 +0200)]
Merge pull request #62 from krono/master

add current datatool

5 years agoadd current datatool
Tobias Pape [Fri, 9 May 2014 12:29:08 +0000 (14:29 +0200)]
add current datatool