« earlier | later » Page 1 of 3
The SSL Co-operative edit / delete
Attempting to establish a CA on the cooperative model.
to ca certificate coop cryptography security ssl tls ... on 26 July 2014
BetterCryptoâ‹…org edit / delete
Practical recommendations for TLS settings.
to cryptography security ssl tls ... on 28 April 2014
Diffie Hellman and TLS with nonsense parameters - Hanno's blog edit / delete
Apparently quite a lot of TLS implementations will happily accept 15 as a prime for DH key exchange. Presumably even if they were checking you could rely on the probabilistic test too...
to cryptography dh prime security ssl testing tls ... on 16 April 2014
Embedded in Academia : A New Development for Coverity and Heartbleed edit / delete
What Coverity is doing to detect the Heartbleed problem (in short: treating n2hs-style functions as generating tainted results).
to coverity security ssl static-analysis tls ... on 14 April 2014
Using Frankencerts for Automated Adversarial Testing of Certificate Validation in SSL/TLS Implementations edit / delete
Generating randomly-varied certificates and comparing how different implementations respond to them.
to ca certificate papers security ssl testing tls ... on 13 April 2014
ImperialViolet - Apple's SSL/TLS bug edit / delete
The famous copy-and-paste error.
Moserware: The First Few Milliseconds of an HTTPS Connection edit / delete
Nice overview of what exactly is going on when establishing a TLS connection, with packet dumps and brief explanations of the maths.
to ag0803 crypto dump networking packet ssl tls ... on 17 December 2013
About Crossbear | pki.net.in.tum.de|crossbear.org edit / delete
"Crossbear is a tool that aims to detect and localise Man-in-the-middle (MitM) attacks on the SSL/TLS [and SSH] protocols." It works by comparing the certificate you get with what others got from different locations. (I imagine CDNs will break this as usual...)
to ca certificate security ssh ssl tls ... on 14 December 2013
Qualys SSL Labs - Projects / SSL Server Test edit / delete
Test your SSL webserver -- e.g. to see whether it supports a reasonable set of cipher suites.
to cryptography http ssl web ... on 01 December 2013
Keylength - NIST Report on Cryptographic Key Length and Cryptoperiod (2012) edit / delete
Handy reference to a selection of standards for key length.
to cryptography dsa gpg key pgp rsa ssl ... on 07 September 2013
« earlier | later » Page 1 of 3
| - ssl | |
| 1 | + ag0700 |
| 1 | + ag0803 |
| 1 | + bugs |
| 5 | + ca |
| 4 | + certificate |
| 1 | + certificates |
| 1 | + coop |
| 1 | + coverity |
| 2 | + crypto |
| 5 | + cryptography |
| 1 | + dh |
| 1 | + dovecot |
| 1 | + dsa |
| 1 | + dump |
| 2 | + firefox |
| 1 | + formal-methods |
| 1 | + goto |
| 1 | + gpg |
| 2 | + http |
| 1 | + https |
| 1 | + key |
| 1 | + mozilla |
| 1 | + networking |
| 1 | + openssl |
| 1 | + packet |
| 1 | + papers |
| 1 | + pgp |
| 1 | + pki |
| 1 | + prime |
| 1 | + rsa |
| 12 | + security |
| 1 | + sni |
| 5 | + software |
| 3 | + ssh |
| 1 | + static-analysis |
| 2 | + testing |
| 10 | + tls |
| 1 | + web |
| 2 | + x509 |
tasty by Adam Sampson.