Security issues with Computers and other Information/Communications Technology

TPC

CMRG best practices currently recommends the use of a TrustedPhysicalConsole, also known as a TPC.

A TPC, combined with a healthy ​Public Key Infrastructure, ​strong cryptography, and backend server resources controlled by ​people ​you ​trust, provides for an unprecedented level of private, authenticated, global communications. However, most ICT users today don't know enough or have enough support to make good use of these tools.

TLS/X.509 workarounds

If you are trying to offer two separate name-based web services over HTTPS from a single IP address, you should look into using the SubjectAltName X.509 extension

network authentication schemes

• OpenID
• kerberos
• SAML
• OpenPGP
• X.509certs?

other links

Some pages worth reading when thinking about security in today's networked environment include:

• ​the W3C's analysis of security issues with HTTP/1.1
• ​Bruce Schenier's blog and web site
• ​the Debian Security Audit
• dkg's article about ​social flaws in the TLS protocol
• ​Microsoft, VeriSign, and Certificate Revocation by Gregory L. Guerin