Certificate notary service -- the idea being both to detect forged (but valid) certificates, and to provide trust in self-signed certs.

to ca certificate notary security tls ... on 14 October 2016

titus - Totally Isolated TLS Unwrapping Server

This has some nice examples of good practice in privilege separation. (Pity it's written in C++!)

to networking privilege-separation security software tls ... on 28 February 2016

diafygi/acme-tiny

A minimal ACME client (for Let's Encrypt). This actually works very well; much less finicky than the official client.

to acme letsencrypt security software tls ... on 31 December 2015

Mirage OS

"Mirage OS is a library operating system that constructs unikernels for secure, high-performance network applications across a variety of cloud computing and mobile platforms." In OCaml. They've done some nice work around their safe TLS implementation.

to ocaml os security tls ... on 22 March 2015

SecurityEngineering/x509Certs - MozillaWiki

With up-to-date instructions for running your own CA.

to ca certificate mozilla ssl tls x509 ... on 26 August 2014

The SSL Co-operative

Attempting to establish a CA on the cooperative model.

to ca certificate coop cryptography security ssl tls ... on 26 July 2014

Welcome — Botan

C++ crypto library, with yet another TLS implementation.

to c++ cryptography library security software tls ... on 28 April 2014

miTLS - Home

A formally verified implementation of TLS. (Being written in F# means it's a bit impractical to use as a library, though...)

to cryptography formal-methods security tls verification ... on 28 April 2014

BetterCrypto⋅org

Practical recommendations for TLS settings.

to cryptography security ssl tls ... on 28 April 2014

Diffie Hellman and TLS with nonsense parameters - Hanno's blog

Apparently quite a lot of TLS implementations will happily accept 15 as a prime for DH key exchange. Presumably even if they were checking you could rely on the probabilistic test too...

to cryptography dh prime security ssl testing tls ... on 16 April 2014

