« earlier | later » Page 1 of 2
Perspectives Project | Connect securely to https websites – Blog and info for the Perspectives project edit / delete
Certificate notary service -- the idea being both to detect forged (but valid) certificates, and to provide trust in self-signed certs.
to ca certificate notary security tls ... on 14 October 2016
titus - Totally Isolated TLS Unwrapping Server edit / delete
This has some nice examples of good practice in privilege separation. (Pity it's written in C++!)
to networking privilege-separation security software tls ... on 28 February 2016
diafygi/acme-tiny edit / delete
A minimal ACME client (for LetsEncrypt). This actually works very well; much less finicky than the official client.
to acme letsencrypt security software tls ... on 31 December 2015
"Mirage OS is a library operating system that constructs unikernels for secure, high-performance network applications across a variety of cloud computing and mobile platforms." In OCaml. They've done some nice work around their safe TLS implementation.
SecurityEngineering/x509Certs - MozillaWiki edit / delete
With up-to-date instructions for running your own CA.
to ca certificate mozilla ssl tls x509 ... on 26 August 2014
The SSL Co-operative edit / delete
Attempting to establish a CA on the cooperative model.
to ca certificate coop cryptography security ssl tls ... on 26 July 2014
C++ crypto library, with yet another TLS implementation.
to c++ cryptography library security software tls ... on 28 April 2014
A formally verified implementation of TLS. (Being written in F# means it's a bit impractical to use as a library, though...)
to cryptography formal-methods security tls verification ... on 28 April 2014
BetterCrypto⋅org edit / delete
Practical recommendations for TLS settings.
to cryptography security ssl tls ... on 28 April 2014
Diffie Hellman and TLS with nonsense parameters - Hanno's blog edit / delete
Apparently quite a lot of TLS implementations will happily accept 15 as a prime for DH key exchange. Presumably even if they were checking you could rely on the probabilistic test too...
to cryptography dh prime security ssl testing tls ... on 16 April 2014
« earlier | later » Page 1 of 2
| - tls | |
| 1 | + acme |
| 1 | + ag0700 |
| 1 | + ag0803 |
| 1 | + c++ |
| 5 | + ca |
| 5 | + certificate |
| 1 | + coop |
| 1 | + coverity |
| 1 | + crypto |
| 5 | + cryptography |
| 1 | + dh |
| 1 | + dump |
| 1 | + formal-methods |
| 1 | + goto |
| 1 | + http |
| 1 | + https |
| 1 | + letsencrypt |
| 1 | + library |
| 1 | + mozilla |
| 2 | + networking |
| 1 | + notary |
| 1 | + ocaml |
| 1 | + os |
| 1 | + packet |
| 1 | + papers |
| 1 | + prime |
| 1 | + privilege-separation |
| 14 | + security |
| 1 | + sni |
| 4 | + software |
| 1 | + ssh |
| 10 | + ssl |
| 1 | + static-analysis |
| 2 | + testing |
| 1 | + time |
| 1 | + verification |
| 1 | + x509 |
tasty by Adam Sampson.