|
Packit |
aea12f |
@node Bibliography
|
|
Packit |
aea12f |
@unnumbered Bibliography
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@table @asis
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@item @anchor{CBCATT}[CBCATT]
|
|
Packit |
aea12f |
Bodo Moeller, "Security of CBC Ciphersuites in SSL/TLS: Problems and
|
|
Packit |
aea12f |
Countermeasures", 2002, available from
|
|
Packit |
aea12f |
@url{https://www.openssl.org/~bodo/tls-cbc.txt}.
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@item @anchor{GPGH}[GPGH]
|
|
Packit |
aea12f |
Mike Ashley, "The GNU Privacy Handbook", 2002, available from
|
|
Packit |
aea12f |
@url{https://www.gnupg.org/gph/en/manual.pdf}.
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@item @anchor{GUTPKI}[GUTPKI]
|
|
Packit |
aea12f |
Peter Gutmann, "Everything you never wanted to know about PKI but were
|
|
Packit |
aea12f |
forced to find out", Available from
|
|
Packit |
aea12f |
@url{https://www.cs.auckland.ac.nz/~pgut001/}.
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@item @anchor{PRNGATTACKS}[PRNGATTACKS]
|
|
Packit |
aea12f |
John Kelsey and Bruce Schneier, "Cryptanalytic Attacks on Pseudorandom Number Generators",
|
|
Packit |
aea12f |
Available from @url{https://www.schneier.com/academic/paperfiles/paper-prngs.pdf}.
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@item @anchor{KEYPIN}[KEYPIN]
|
|
Packit |
aea12f |
Chris Evans and Chris Palmer, "Public Key Pinning Extension for HTTP",
|
|
Packit |
aea12f |
Available from @url{https://tools.ietf.org/html/draft-ietf-websec-key-pinning-01}.
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@item @anchor{NISTSP80057}[NISTSP80057]
|
|
Packit |
aea12f |
NIST Special Publication 800-57, "Recommendation for Key Management -
|
|
Packit |
aea12f |
Part 1: General (Revised)", March 2007, available from
|
|
Packit |
aea12f |
@url{https://csrc.nist.gov/publications/nistpubs/800-57/sp800-57-Part1-revised2_Mar08-2007.pdf}.
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@item @anchor{RFC7413}[RFC7413]
|
|
Packit |
aea12f |
Y. Cheng and J. Chu and S. Radhakrishnan and A. Jain, "TCP Fast Open",
|
|
Packit |
aea12f |
December 2014, Available from
|
|
Packit |
aea12f |
@url{https://www.ietf.org/rfc/rfc7413.txt}.
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@item @anchor{RFC7918}[RFC7918]
|
|
Packit |
aea12f |
A. Langley, N. Modadugu, B. Moeller, "Transport Layer Security (TLS) False Start",
|
|
Packit |
aea12f |
August 2016, Available from
|
|
Packit |
aea12f |
@url{https://www.ietf.org/rfc/rfc7918.txt}.
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@item @anchor{RFC6125}[RFC6125]
|
|
Packit |
aea12f |
Peter Saint-Andre and Jeff Hodges, "Representation and Verification of Domain-Based Application Service Identity within Internet Public Key Infrastructure Using X.509 (PKIX) Certificates in the Context of Transport Layer Security (TLS)",
|
|
Packit |
aea12f |
March 2011, Available from
|
|
Packit |
aea12f |
@url{https://www.ietf.org/rfc/rfc6125.txt}.
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@item @anchor{RFC7685}[RFC7685]
|
|
Packit |
aea12f |
Adam Langley, "A Transport Layer Security (TLS) ClientHello Padding Extension",
|
|
Packit |
aea12f |
October 2015, Available from
|
|
Packit |
aea12f |
@url{https://www.ietf.org/rfc/rfc7685.txt}.
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@item @anchor{RFC7613}[RFC7613]
|
|
Packit |
aea12f |
Peter Saint-Andre and Alexey Melnikov, "Preparation, Enforcement, and Comparison of Internationalized Strings Representing Usernames and Passwords",
|
|
Packit |
aea12f |
August 2015, Available from
|
|
Packit |
aea12f |
@url{https://www.ietf.org/rfc/rfc7613.txt}.
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@item @anchor{RFC2246}[RFC2246]
|
|
Packit |
aea12f |
Tim Dierks and Christopher Allen, "The TLS Protocol Version 1.0",
|
|
Packit |
aea12f |
January 1999, Available from
|
|
Packit |
aea12f |
@url{https://www.ietf.org/rfc/rfc2246.txt}.
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@item @anchor{RFC6083}[RFC6083]
|
|
Packit |
aea12f |
M. Tuexen and R. Seggelmann and E. Rescorla, "Datagram Transport Layer Security (DTLS) for Stream Control Transmission Protocol (SCTP)",
|
|
Packit |
aea12f |
January 2011, Available from
|
|
Packit |
aea12f |
@url{https://www.ietf.org/rfc/rfc6083.txt}.
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@item @anchor{RFC4418}[RFC4418]
|
|
Packit |
aea12f |
Ted Krovetz, "UMAC: Message Authentication Code using Universal Hashing",
|
|
Packit |
aea12f |
March 2006, Available from
|
|
Packit |
aea12f |
@url{https://www.ietf.org/rfc/rfc4418.txt}.
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@item @anchor{RFC4680}[RFC4680]
|
|
Packit |
aea12f |
S. Santesson, "TLS Handshake Message for Supplemental Data",
|
|
Packit |
aea12f |
September 2006, Available from
|
|
Packit |
aea12f |
@url{https://www.ietf.org/rfc/rfc4680.txt}.
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@item @anchor{RFC7633}[RFC7633]
|
|
Packit |
aea12f |
P. Hallam-Baker, "X.509v3 Transport Layer Security (TLS) Feature Extension",
|
|
Packit |
aea12f |
October 2015, Available from
|
|
Packit |
aea12f |
@url{https://www.ietf.org/rfc/rfc7633.txt}.
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@item @anchor{RFC7919}[RFC7919]
|
|
Packit |
aea12f |
D. Gillmor, "Negotiated Finite Field Diffie-Hellman Ephemeral Parameters for Transport Layer Security (TLS)",
|
|
Packit |
aea12f |
August 2016, Available from
|
|
Packit |
aea12f |
@url{https://www.ietf.org/rfc/rfc7919.txt}.
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@item @anchor{RFC4514}[RFC4514]
|
|
Packit |
aea12f |
Kurt D. Zeilenga, "Lightweight Directory Access Protocol (LDAP): String Representation of Distinguished Names",
|
|
Packit |
aea12f |
June 2006, Available from
|
|
Packit |
aea12f |
@url{https://www.ietf.org/rfc/rfc4513.txt}.
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@item @anchor{RFC4346}[RFC4346]
|
|
Packit |
aea12f |
Tim Dierks and Eric Rescorla, "The TLS Protocol Version 1.1", Match
|
|
Packit |
aea12f |
2006, Available from @url{https://www.ietf.org/rfc/rfc4346.txt}.
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@item @anchor{RFC4347}[RFC4347]
|
|
Packit |
aea12f |
Eric Rescorla and Nagendra Modadugu, "Datagram Transport Layer Security", April
|
|
Packit |
aea12f |
2006, Available from @url{https://www.ietf.org/rfc/rfc4347.txt}.
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@item @anchor{RFC5246}[RFC5246]
|
|
Packit |
aea12f |
Tim Dierks and Eric Rescorla, "The TLS Protocol Version 1.2", August
|
|
Packit |
aea12f |
2008, Available from @url{https://www.ietf.org/rfc/rfc5246.txt}.
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@item @anchor{RFC2440}[RFC2440]
|
|
Packit |
aea12f |
Jon Callas, Lutz Donnerhacke, Hal Finney and Rodney Thayer, "OpenPGP
|
|
Packit |
aea12f |
Message Format", November 1998, Available from
|
|
Packit |
aea12f |
@url{https://www.ietf.org/rfc/rfc2440.txt}.
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@item @anchor{RFC4880}[RFC4880]
|
|
Packit |
aea12f |
Jon Callas, Lutz Donnerhacke, Hal Finney, David Shaw and Rodney
|
|
Packit |
aea12f |
Thayer, "OpenPGP Message Format", November 2007, Available from
|
|
Packit |
aea12f |
@url{https://www.ietf.org/rfc/rfc4880.txt}.
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@item @anchor{RFC4211}[RFC4211]
|
|
Packit |
aea12f |
J. Schaad, "Internet X.509 Public Key Infrastructure Certificate
|
|
Packit |
aea12f |
Request Message Format (CRMF)", September 2005, Available from
|
|
Packit |
aea12f |
@url{https://www.ietf.org/rfc/rfc4211.txt}.
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@item @anchor{RFC2817}[RFC2817]
|
|
Packit |
aea12f |
Rohit Khare and Scott Lawrence, "Upgrading to TLS Within HTTP/1.1",
|
|
Packit |
aea12f |
May 2000, Available from @url{https://www.ietf.org/rfc/rfc2817.txt}
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@item @anchor{RFC2818}[RFC2818]
|
|
Packit |
aea12f |
Eric Rescorla, "HTTP Over TLS", May 2000, Available from
|
|
Packit |
aea12f |
@url{https://www.ietf/rfc/rfc2818.txt}.
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@item @anchor{RFC2945}[RFC2945]
|
|
Packit |
aea12f |
Tom Wu, "The SRP Authentication and Key Exchange System", September
|
|
Packit |
aea12f |
2000, Available from @url{https://www.ietf.org/rfc/rfc2945.txt}.
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@item @anchor{RFC7301}[RFC7301]
|
|
Packit |
aea12f |
S. Friedl, A. Popov, A. Langley, E. Stephan, "Transport Layer Security (TLS) Application-Layer Protocol Negotiation Extension",
|
|
Packit |
aea12f |
July 2014, Available from @url{https://www.ietf.org/rfc/rfc7301.txt}.
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@item @anchor{RFC2986}[RFC2986]
|
|
Packit |
aea12f |
Magnus Nystrom and Burt Kaliski, "PKCS 10 v1.7: Certification Request
|
|
Packit |
aea12f |
Syntax Specification", November 2000, Available from
|
|
Packit |
aea12f |
@url{https://www.ietf.org/rfc/rfc2986.txt}.
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@item @anchor{PKIX}[PKIX]
|
|
Packit |
aea12f |
D. Cooper, S. Santesson, S. Farrel, S. Boeyen, R. Housley, W. Polk,
|
|
Packit |
aea12f |
"Internet X.509 Public Key Infrastructure Certificate and Certificate
|
|
Packit |
aea12f |
Revocation List (CRL) Profile", May 2008, available from
|
|
Packit |
aea12f |
@url{https://www.ietf.org/rfc/rfc5280.txt}.
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@item @anchor{RFC3749}[RFC3749]
|
|
Packit |
aea12f |
Scott Hollenbeck, "Transport Layer Security Protocol Compression
|
|
Packit |
aea12f |
Methods", May 2004, available from
|
|
Packit |
aea12f |
@url{https://www.ietf.org/rfc/rfc3749.txt}.
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@item @anchor{RFC3820}[RFC3820]
|
|
Packit |
aea12f |
Steven Tuecke, Von Welch, Doug Engert, Laura Pearlman, and Mary
|
|
Packit |
aea12f |
Thompson, "Internet X.509 Public Key Infrastructure (PKI) Proxy
|
|
Packit |
aea12f |
Certificate Profile", June 2004, available from
|
|
Packit |
aea12f |
@url{https://www.ietf.org/rfc/rfc3820}.
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@item @anchor{RFC6520}[RFC6520]
|
|
Packit |
aea12f |
R. Seggelmann, M. Tuexen, and M. Williams, "Transport Layer Security (TLS) and
|
|
Packit |
aea12f |
Datagram Transport Layer Security (DTLS) Heartbeat Extension", February 2012, available from
|
|
Packit |
aea12f |
@url{https://www.ietf.org/rfc/rfc6520}.
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@item @anchor{RFC5746}[RFC5746]
|
|
Packit |
aea12f |
E. Rescorla, M. Ray, S. Dispensa, and N. Oskov, "Transport Layer
|
|
Packit |
aea12f |
Security (TLS) Renegotiation Indication Extension", February 2010,
|
|
Packit |
aea12f |
available from @url{https://www.ietf.org/rfc/rfc5746}.
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@item @anchor{RFC5280}[RFC5280]
|
|
Packit |
aea12f |
D. Cooper, S. Santesson, S. Farrell, S. Boeyen, R. Housley, and
|
|
Packit |
aea12f |
W. Polk, "Internet X.509 Public Key Infrastructure Certificate and
|
|
Packit |
aea12f |
Certificate Revocation List (CRL) Profile", May 2008, available from
|
|
Packit |
aea12f |
@url{https://www.ietf.org/rfc/rfc5280}.
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@item @anchor{TLSTKT}[TLSTKT]
|
|
Packit |
aea12f |
Joseph Salowey, Hao Zhou, Pasi Eronen, Hannes Tschofenig, "Transport
|
|
Packit |
aea12f |
Layer Security (TLS) Session Resumption without Server-Side State",
|
|
Packit |
aea12f |
January 2008, available from @url{https://www.ietf.org/rfc/rfc5077}.
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@item @anchor{PKCS12}[PKCS12]
|
|
Packit |
aea12f |
RSA Laboratories, "PKCS 12 v1.0: Personal Information Exchange
|
|
Packit |
aea12f |
Syntax", June 1999, Available from @url{https://www.rsa.com}.
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@item @anchor{PKCS11}[PKCS11]
|
|
Packit |
aea12f |
RSA Laboratories, "PKCS #11 Base Functionality v2.30: Cryptoki – Draft 4",
|
|
Packit |
aea12f |
July 2009, Available from @url{https://www.rsa.com}.
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@item @anchor{RESCORLA}[RESCORLA]
|
|
Packit |
aea12f |
Eric Rescorla, "SSL and TLS: Designing and Building Secure Systems",
|
|
Packit |
aea12f |
2001
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@item @anchor{SELKEY}[SELKEY]
|
|
Packit |
aea12f |
Arjen Lenstra and Eric Verheul, "Selecting Cryptographic Key Sizes",
|
|
Packit |
aea12f |
2003, available from @url{https://www.win.tue.nl/~klenstra/key.pdf}.
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@item @anchor{SSL3}[SSL3]
|
|
Packit |
aea12f |
Alan Freier, Philip Karlton and Paul Kocher, "The Secure Sockets Layer (SSL) Protocol Version 3.0",
|
|
Packit |
aea12f |
August 2011, Available from @url{https://www.ietf.org/rfc/rfc6101.txt}.
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@item @anchor{STEVENS}[STEVENS]
|
|
Packit |
aea12f |
Richard Stevens, "UNIX Network Programming, Volume 1", Prentice Hall
|
|
Packit |
aea12f |
PTR, January 1998
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@item @anchor{TLSEXT}[TLSEXT]
|
|
Packit |
aea12f |
Simon Blake-Wilson, Magnus Nystrom, David Hopwood, Jan Mikkelsen and
|
|
Packit |
aea12f |
Tim Wright, "Transport Layer Security (TLS) Extensions", June 2003,
|
|
Packit |
aea12f |
Available from @url{https://www.ietf.org/rfc/rfc3546.txt}.
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@item @anchor{TLSPGP}[TLSPGP]
|
|
Packit |
aea12f |
Nikos Mavrogiannopoulos, "Using OpenPGP keys for TLS authentication",
|
|
Packit |
aea12f |
January 2011. Available from
|
|
Packit |
aea12f |
@url{https://www.ietf.org/rfc/rfc6091.txt}.
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@item @anchor{TLSSRP}[TLSSRP]
|
|
Packit |
aea12f |
David Taylor, Trevor Perrin, Tom Wu and Nikos Mavrogiannopoulos,
|
|
Packit |
aea12f |
"Using SRP for TLS Authentication", November 2007. Available from
|
|
Packit |
aea12f |
@url{https://www.ietf.org/rfc/rfc5054.txt}.
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@item @anchor{TLSPSK}[TLSPSK]
|
|
Packit |
aea12f |
Pasi Eronen and Hannes Tschofenig, "Pre-shared key Ciphersuites for
|
|
Packit |
aea12f |
TLS", December 2005, Available from
|
|
Packit |
aea12f |
@url{https://www.ietf.org/rfc/rfc4279.txt}.
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@item @anchor{TOMSRP}[TOMSRP]
|
|
Packit |
aea12f |
Tom Wu, "The Stanford SRP Authentication Project", Available at
|
|
Packit |
aea12f |
@url{https://srp.stanford.edu/}.
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@item @anchor{WEGER}[WEGER]
|
|
Packit |
aea12f |
Arjen Lenstra and Xiaoyun Wang and Benne de Weger, "Colliding X.509
|
|
Packit |
aea12f |
Certificates", Cryptology ePrint Archive, Report 2005/067, Available
|
|
Packit |
aea12f |
at @url{https://eprint.iacr.org/}.
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@item @anchor{ECRYPT}[ECRYPT]
|
|
Packit |
aea12f |
European Network of Excellence in Cryptology II, "ECRYPT II Yearly
|
|
Packit |
aea12f |
Report on Algorithms and Keysizes (2009-2010)", Available
|
|
Packit |
aea12f |
at @url{https://www.ecrypt.eu.org/documents/D.SPA.13.pdf}.
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@item @anchor{RFC5056}[RFC5056]
|
|
Packit |
aea12f |
N. Williams, "On the Use of Channel Bindings to Secure Channels",
|
|
Packit |
aea12f |
November 2007, available from @url{https://www.ietf.org/rfc/rfc5056}.
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@item @anchor{RFC5764}[RFC5764]
|
|
Packit |
aea12f |
D. McGrew, E. Rescorla, "Datagram Transport Layer Security (DTLS) Extension to Establish Keys for the Secure Real-time Transport Protocol (SRTP)On the Use of Channel Bindings to Secure Channels",
|
|
Packit |
aea12f |
May 2010, available from @url{https://www.ietf.org/rfc/rfc5764}.
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@item @anchor{RFC5929}[RFC5929]
|
|
Packit |
aea12f |
J. Altman, N. Williams, L. Zhu, "Channel Bindings for TLS", July 2010,
|
|
Packit |
aea12f |
available from @url{https://www.ietf.org/rfc/rfc5929}.
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@item @anchor{PKCS11URI}[PKCS11URI]
|
|
Packit |
aea12f |
J. Pechanec, D. Moffat, "The PKCS#11 URI Scheme", April 2015,
|
|
Packit |
aea12f |
available from @url{https://www.ietf.org/rfc/rfc7512}.
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@item @anchor{TPMURI}[TPMURI]
|
|
Packit |
aea12f |
C. Latze, N. Mavrogiannopoulos, "The TPMKEY URI Scheme", January 2013,
|
|
Packit |
aea12f |
Work in progress, available from @url{https://tools.ietf.org/html/draft-mavrogiannopoulos-tpmuri-01}.
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@item @anchor{ANDERSON}[ANDERSON]
|
|
Packit |
aea12f |
R. J. Anderson, "Security Engineering: A Guide to Building Dependable Distributed Systems",
|
|
Packit |
aea12f |
John Wiley \& Sons, Inc., 2001.
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@item @anchor{RFC4821}[RFC4821]
|
|
Packit |
aea12f |
M. Mathis, J. Heffner, "Packetization Layer Path MTU Discovery", March 2007,
|
|
Packit |
aea12f |
available from @url{https://www.ietf.org/rfc/rfc4821.txt}.
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@item @anchor{RFC2560}[RFC2560]
|
|
Packit |
aea12f |
M. Myers et al, "X.509 Internet Public Key Infrastructure Online
|
|
Packit |
aea12f |
Certificate Status Protocol - OCSP", June 1999, Available from
|
|
Packit |
aea12f |
@url{https://www.ietf.org/rfc/rfc2560.txt}.
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@item @anchor{RIVESTCRL}[RIVESTCRL]
|
|
Packit |
aea12f |
R. L. Rivest, "Can We Eliminate Certificate Revocation Lists?",
|
|
Packit |
aea12f |
Proceedings of Financial Cryptography '98; Springer Lecture Notes in
|
|
Packit |
aea12f |
Computer Science No. 1465 (Rafael Hirschfeld, ed.), February 1998),
|
|
Packit |
aea12f |
pages 178--183, available from
|
|
Packit |
aea12f |
@url{https://people.csail.mit.edu/rivest/Rivest-CanWeEliminateCertificateRevocationLists.pdf}.
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@end table
|