Are you over 18 and want to see adult content?
More Annotations
Convert TIFF JPG EPS PCX PDF PNG PSD SVG TGA TIF CDR Online
Are you over 18 and want to see adult content?
Bellville Furniture – Furniture, Couches, Kitchen, Living Room, Accessories
Are you over 18 and want to see adult content?
Uw verhuisfirma en liftservice te Antwerpen | All Up Berchem
Are you over 18 and want to see adult content?
Senior24.dk - Alt til aktive og selvhjulpne Seniorer
Are you over 18 and want to see adult content?
Office Supplies & Furniture | Unbeatable Value | Viking Direct IE
Are you over 18 and want to see adult content?
Sales CRM (Customer Relationship Management) Software Management Tool | PipelineDeals
Are you over 18 and want to see adult content?
Improve the way you sell online through CedCommerce
Are you over 18 and want to see adult content?
Traghetti Sardegna: Scopri le offertissime 2019 e confronta i prezzi!
Are you over 18 and want to see adult content?
Favourite Annotations
A complete backup of https://museum-folkwang.de
Are you over 18 and want to see adult content?
A complete backup of https://susubendera.biz
Are you over 18 and want to see adult content?
A complete backup of https://ksa-g.com
Are you over 18 and want to see adult content?
A complete backup of https://auto4ums.lv
Are you over 18 and want to see adult content?
A complete backup of https://helfo.no
Are you over 18 and want to see adult content?
A complete backup of https://brevardzoo.org
Are you over 18 and want to see adult content?
A complete backup of https://secondwind.org
Are you over 18 and want to see adult content?
A complete backup of https://linuxforu.com
Are you over 18 and want to see adult content?
A complete backup of https://cymar.com.pe
Are you over 18 and want to see adult content?
A complete backup of https://138edu.com
Are you over 18 and want to see adult content?
A complete backup of https://prodomaines.com
Are you over 18 and want to see adult content?
A complete backup of https://myerp.pl
Are you over 18 and want to see adult content?
Text
DNSSEC WALKER
This is a proof-of-concept of a utility to download DNS zone contents even when AXFR is disabled on the server, assuming DNSSEC is used. Optionally it can also verify all digital signature RRs within a zone against the zone key. If you do not know what DNSSEC is, please refer to: RFC 2535. RFC 4033.INDEX OF /GSASL4WIN
The core GNU SASL library is available under the LGPLv2+ license. The command line tool gsasl is available under the GPLv3+ license. This documentation and the build scripts (e.g., Makefile) are licensedunder the GPLv3+.
INSTALLATION, CONFIGURATION AND USAGE INSTRUCTIONS FOR NNIMAP Introduction. The intent of this document is to describe every aspect of nnimap at the user level. This document corresponds to nnimap 0.123. Please note that nnimap require that you use the latest Gnus series, called Pterodactyl Gnus. LIBTASN1 - JOSEFSSON Libtasn1 is a highly portable C library that encode and decode DER/BER data following a ASN.1 schema. Libtasn1 is used by Shishi and GnuTLS. Please see the Libtasn.1 homepage for more information. Last updated 2015-03-04 11:33:10 CET. GNU SASL FOR WINDOWS The core GNU SASL library is available under the LGPLv2+ license. The command line tool gsasl is available under the GPLv3+ license. This documentation and the build scripts (e.g., Makefile) are licensedunder the GPLv3+.
4 LDAP AND DNS AS CERTIFICATE DIRECTORIESSEE MORE ON JOSEFSSON.ORG INLINE PGP IN E-MAIL IS BAD, MM'KAY? Some people don't regard the above as problems. Some people just don't care. Reluctantly, I have to admit that sending inline PGP can work reliable if you follow the following rules: Use only printable ASCII. Avoid starting lines with 'From ' or '-', to avoid issues caused by over-eager From-escaping, or space stuffing. Don't use format=flowed. USING KERBEROS V5 OVER THE TRANSPORT LAYER SECURITY (TLS 1. Introduction and Background. This document describe how a Kerberos V5 (Neuman, C., Yu, T., Hartman, S., and K. Raeburn, “The Kerberos Network Authentication Service (V5),” July 2005.) implementation may upgrade communication between clients and Key Distribution Centers (KDCs) to use the Transport Layer Security (TLS) (Dierks, T. and E. Rescorla, “The Transport LayerGNUTLS FOR WINDOWS
Some of the command line tools (e.g., gnutls-cli) uses select() to check whether there is data to be read from stdin or from the network. The select function doesn't work with file descriptors under Windows, so this currently does not work. ABOUT SIMON JOSEFSSON DATAKONSULT (SJD) About Simon Josefsson Datakonsult (SJD) SJD implement and standardize network security protocols. Our solutions are often used in the wireless and embedded markets. We are committed to producing the highest quality software packages and support them in the long-term. Our projects are community reviewed and we work with free software.DNSSEC WALKER
This is a proof-of-concept of a utility to download DNS zone contents even when AXFR is disabled on the server, assuming DNSSEC is used. Optionally it can also verify all digital signature RRs within a zone against the zone key. If you do not know what DNSSEC is, please refer to: RFC 2535. RFC 4033.INDEX OF /GSASL4WIN
The core GNU SASL library is available under the LGPLv2+ license. The command line tool gsasl is available under the GPLv3+ license. This documentation and the build scripts (e.g., Makefile) are licensedunder the GPLv3+.
INSTALLATION, CONFIGURATION AND USAGE INSTRUCTIONS FOR NNIMAP Introduction. The intent of this document is to describe every aspect of nnimap at the user level. This document corresponds to nnimap 0.123. Please note that nnimap require that you use the latest Gnus series, called Pterodactyl Gnus. LIBTASN1 - JOSEFSSON Libtasn1 is a highly portable C library that encode and decode DER/BER data following a ASN.1 schema. Libtasn1 is used by Shishi and GnuTLS. Please see the Libtasn.1 homepage for more information. Last updated 2015-03-04 11:33:10 CET. GNU SASL FOR WINDOWS The core GNU SASL library is available under the LGPLv2+ license. The command line tool gsasl is available under the GPLv3+ license. This documentation and the build scripts (e.g., Makefile) are licensedunder the GPLv3+.
4 LDAP AND DNS AS CERTIFICATE DIRECTORIESSEE MORE ON JOSEFSSON.ORG INLINE PGP IN E-MAIL IS BAD, MM'KAY? Some people don't regard the above as problems. Some people just don't care. Reluctantly, I have to admit that sending inline PGP can work reliable if you follow the following rules: Use only printable ASCII. Avoid starting lines with 'From ' or '-', to avoid issues caused by over-eager From-escaping, or space stuffing. Don't use format=flowed. USING KERBEROS V5 OVER THE TRANSPORT LAYER SECURITY (TLS 1. Introduction and Background. This document describe how a Kerberos V5 (Neuman, C., Yu, T., Hartman, S., and K. Raeburn, “The Kerberos Network Authentication Service (V5),” July 2005.) implementation may upgrade communication between clients and Key Distribution Centers (KDCs) to use the Transport Layer Security (TLS) (Dierks, T. and E. Rescorla, “The Transport LayerGNUTLS FOR WINDOWS
Some of the command line tools (e.g., gnutls-cli) uses select() to check whether there is data to be read from stdin or from the network. The select function doesn't work with file descriptors under Windows, so this currently does not work. JUNE 2021 – SIMON JOSEFSSON'S BLOG Simple Authentication and Security Layer (SASL, RFC4422) is the framework that was abstracted from the IMAP and POP protocols.Among the most popular mechanisms are PLAIN (clear-text passwords, usually under TLS), CRAM-MD5 (), and GSSAPI (for Kerberos V5).The DIGEST-MD5 mechanism was an attempt to improve upon the CRAM-MD5 mechanism, but ended up introducing a lot of complexity and WHAT’S WRONG WITH SCRAM? Simple Authentication and Security Layer (SASL, RFC4422) is the framework that was abstracted from the IMAP and POP protocols.Among the most popular mechanisms are PLAIN (clear-text passwords, usually under TLS), CRAM-MD5 (), and GSSAPI (for Kerberos V5).The DIGEST-MD5 mechanism was an attempt to improve upon the CRAM-MD5 mechanism, but ended up introducing a AUTOBUILD - JOSEFSSON Autobuild. Autobuild is a package that process output from building software, primarily focused on packages using Autoconf and Automake, and then generate a HTML summary file, containing links to each build log.The output include project name, version, build host types (cross compile aware), compiler host name, date of build, and indication ofsuccess or failure.
USING GSS-API MECHANISMS IN SASL: THE GS2 MECHANISM FAMILY Using GSS-API Mechanisms in SASL: The GS2 Mechanism Family. This work is sponsored by Simon Josefsson Datakonsult AB. If you need commercial help with utilizing this technology, or have a related project that you want help with, please feel free to contact me.If you find my work in this area useful, also please consider making a donation.TRY GNU LIBIDN
Try GNU Libidn. This page allows you to try the string preparation, punycode encode/decode and ToASCII/ToUnicode operations of GNU Libidn.If you encounter a problem with this page, write a (detailed!) report to bug-libidn@gnu.org. If you are interested in commercial support or enhancement of Libidn, you can contact me.. Free shrimp sandwiches are served over here (or here if you want the SHISHI AND GENERIC SECURITY SERVICE (GSS) GSS is our implementation of the GSS-API framework. Currently it support the Kerberos V5 mechanism (through Shishi) but it is flexible enough to support any mechanism. HOW TO REACH SIMON JOSEFSSON DATAKONSULT Postal/Visiting Address: Johan Olof Wallins väg 13. SE-161 64 Solna,Sweden.
GNUTLS - JOSEFSSON
GnuTLS is an implementation of the Transport Layer Security (TLS) protocol, also known as SSL. LIBTASN1 - JOSEFSSON Libtasn1 is a highly portable C library that encode and decode DER/BER data following a ASN.1 schema. Libtasn1 is used by Shishi and GnuTLS. Please see the Libtasn.1 homepage for more information. Last updated 2015-03-04 11:33:10 CET.EMACS SIEVE MANUAL
Emacs Sieve Manual. This manual documents the Emacs Sieve package. It is intended as a users manual for Sieve Mode and Manage Sieve, and as a reference manual for the `sieve-manage' protocol Emacs Lisp API. Sieve is a language for server-side filtering of mail. ABOUT SIMON JOSEFSSON DATAKONSULT (SJD) About Simon Josefsson Datakonsult (SJD) SJD implement and standardize network security protocols. Our solutions are often used in the wireless and embedded markets. We are committed to producing the highest quality software packages and support them in the long-term. Our projects are community reviewed and we work with free software. SIMON JOSEFSSON'S BLOG Below I describe how to generate an OpenPGP key and import it to a FST-01G device running Gnuk. See my earlier post on planning for my new OpenPGP key and the post on preparing the FST-01G to run Gnuk.For comparison with a RSA/YubiKey based approach, you can read about my setup from 2014.. Most of the steps below are covered by the Gnuk manual.The primary complication for me is the useINDEX OF /GSASL4WIN
The core GNU SASL library is available under the LGPLv2+ license. The command line tool gsasl is available under the GPLv3+ license. This documentation and the build scripts (e.g., Makefile) are licensedunder the GPLv3+.
TRY GNU LIBIDN
Try GNU Libidn. This page allows you to try the string preparation, punycode encode/decode and ToASCII/ToUnicode operations of GNU Libidn.If you encounter a problem with this page, write a (detailed!) report to bug-libidn@gnu.org. If you are interested in commercial support or enhancement of Libidn, you can contact me.. Free shrimp sandwiches are served over here (or here if you want the USING GSS-API MECHANISMS IN SASL: THE GS2 MECHANISM FAMILY Using GSS-API Mechanisms in SASL: The GS2 Mechanism Family. This work is sponsored by Simon Josefsson Datakonsult AB. If you need commercial help with utilizing this technology, or have a related project that you want help with, please feel free to contact me.If you find my work in this area useful, also please consider making a donation. INSTALLATION, CONFIGURATION AND USAGE INSTRUCTIONS FOR NNIMAP Introduction. The intent of this document is to describe every aspect of nnimap at the user level. This document corresponds to nnimap 0.123. Please note that nnimap require that you use the latest Gnus series, called Pterodactyl Gnus. GNU SASL FOR WINDOWS The core GNU SASL library is available under the LGPLv2+ license. The command line tool gsasl is available under the GPLv3+ license. This documentation and the build scripts (e.g., Makefile) are licensedunder the GPLv3+.
USING KERBEROS V5 OVER THE TRANSPORT LAYER SECURITY (TLS 1. Introduction and Background. This document describe how a Kerberos V5 (Neuman, C., Yu, T., Hartman, S., and K. Raeburn, “The Kerberos Network Authentication Service (V5),” July 2005.) implementation may upgrade communication between clients and Key Distribution Centers (KDCs) to use the Transport Layer Security (TLS) (Dierks, T. and E. Rescorla, “The Transport Layer INLINE PGP IN E-MAIL IS BAD, MM'KAY? Some people don't regard the above as problems. Some people just don't care. Reluctantly, I have to admit that sending inline PGP can work reliable if you follow the following rules: Use only printable ASCII. Avoid starting lines with 'From ' or '-', to avoid issues caused by over-eager From-escaping, or space stuffing. Don't use format=flowed. TLS ATTACKS AND STREAM CIPHERS TLS Lucky-13 Attack RFC 5246: In general, the best way to do this is to compute the MAC even if the padding is incorrect, and only thenreject the packet.
ABOUT SIMON JOSEFSSON DATAKONSULT (SJD) About Simon Josefsson Datakonsult (SJD) SJD implement and standardize network security protocols. Our solutions are often used in the wireless and embedded markets. We are committed to producing the highest quality software packages and support them in the long-term. Our projects are community reviewed and we work with free software. SIMON JOSEFSSON'S BLOG Below I describe how to generate an OpenPGP key and import it to a FST-01G device running Gnuk. See my earlier post on planning for my new OpenPGP key and the post on preparing the FST-01G to run Gnuk.For comparison with a RSA/YubiKey based approach, you can read about my setup from 2014.. Most of the steps below are covered by the Gnuk manual.The primary complication for me is the useINDEX OF /GSASL4WIN
The core GNU SASL library is available under the LGPLv2+ license. The command line tool gsasl is available under the GPLv3+ license. This documentation and the build scripts (e.g., Makefile) are licensedunder the GPLv3+.
TRY GNU LIBIDN
Try GNU Libidn. This page allows you to try the string preparation, punycode encode/decode and ToASCII/ToUnicode operations of GNU Libidn.If you encounter a problem with this page, write a (detailed!) report to bug-libidn@gnu.org. If you are interested in commercial support or enhancement of Libidn, you can contact me.. Free shrimp sandwiches are served over here (or here if you want the USING GSS-API MECHANISMS IN SASL: THE GS2 MECHANISM FAMILY Using GSS-API Mechanisms in SASL: The GS2 Mechanism Family. This work is sponsored by Simon Josefsson Datakonsult AB. If you need commercial help with utilizing this technology, or have a related project that you want help with, please feel free to contact me.If you find my work in this area useful, also please consider making a donation. INSTALLATION, CONFIGURATION AND USAGE INSTRUCTIONS FOR NNIMAP Introduction. The intent of this document is to describe every aspect of nnimap at the user level. This document corresponds to nnimap 0.123. Please note that nnimap require that you use the latest Gnus series, called Pterodactyl Gnus. GNU SASL FOR WINDOWS The core GNU SASL library is available under the LGPLv2+ license. The command line tool gsasl is available under the GPLv3+ license. This documentation and the build scripts (e.g., Makefile) are licensedunder the GPLv3+.
USING KERBEROS V5 OVER THE TRANSPORT LAYER SECURITY (TLS 1. Introduction and Background. This document describe how a Kerberos V5 (Neuman, C., Yu, T., Hartman, S., and K. Raeburn, “The Kerberos Network Authentication Service (V5),” July 2005.) implementation may upgrade communication between clients and Key Distribution Centers (KDCs) to use the Transport Layer Security (TLS) (Dierks, T. and E. Rescorla, “The Transport Layer INLINE PGP IN E-MAIL IS BAD, MM'KAY? Some people don't regard the above as problems. Some people just don't care. Reluctantly, I have to admit that sending inline PGP can work reliable if you follow the following rules: Use only printable ASCII. Avoid starting lines with 'From ' or '-', to avoid issues caused by over-eager From-escaping, or space stuffing. Don't use format=flowed. TLS ATTACKS AND STREAM CIPHERS TLS Lucky-13 Attack RFC 5246: In general, the best way to do this is to compute the MAC even if the padding is incorrect, and only thenreject the packet.
JUNE 2021 – SIMON JOSEFSSON'S BLOG Simple Authentication and Security Layer (SASL, RFC4422) is the framework that was abstracted from the IMAP and POP protocols.Among the most popular mechanisms are PLAIN (clear-text passwords, usually under TLS), CRAM-MD5 (), and GSSAPI (for Kerberos V5).The DIGEST-MD5 mechanism was an attempt to improve upon the CRAM-MD5 mechanism, but ended up introducing a lot of complexity and WHAT’S WRONG WITH SCRAM? Simple Authentication and Security Layer (SASL, RFC4422) is the framework that was abstracted from the IMAP and POP protocols.Among the most popular mechanisms are PLAIN (clear-text passwords, usually under TLS), CRAM-MD5 (), and GSSAPI (for Kerberos V5).The DIGEST-MD5 mechanism was an attempt to improve upon the CRAM-MD5 mechanism, but ended up introducing a THE BASE16, BASE32, AND BASE64 DATA ENCODINGS The Base16, Base32, and Base64 Data Encodings. This work is sponsored by Simon Josefsson Datakonsult AB. If you need commercial help with utilizing this technology, or have a related project that you want help with, please feel free to contact me.If you find my work in this area useful, also please consider making a donation.VARIOUS STUFF
This page contain links to various other projects I have been workingon.
DNSSEC WALKER
This is a proof-of-concept of a utility to download DNS zone contents even when AXFR is disabled on the server, assuming DNSSEC is used. Optionally it can also verify all digital signature RRs within a zone against the zone key. If you do not know what DNSSEC is, please refer to: RFC 2535. RFC 4033. INTERNATIONALIZED DOMAIN NAME LIBRARY (LIBIDN) Internationalized Domain Name Library (LibIDN) LibIDN is our implementation of the StringPrep, Punycode and IDNA technologies. LibIDN is intended to be used by applications or libraries that deal with international character strings, and in particular international domain names. LibIDN is available for use in C, C++, Java, C# andEmacs Lisp.
5 DNS SECURITY CONSIDERATIONS We now describe how this new information is used in a clever way to achieve a ``non-existence proof''. Entity A queries for a non-existent key maria.josefsson.org.The server replies with a tuple, (lotta.josefsson.org, Next key: simon.josefsson. org). 4 LDAP AND DNS AS CERTIFICATE DIRECTORIES Another way to see why LDAP and DNS are the two most relevant choices to consider is by looking at the currently most used certificate implementation on the Internet, the X.509-derived PKIX. X.509 certificates were designed to be used with the X.500 directory service. LDAP can be seen as ``X.500 for the Internet''.EMACS SMTP LIBRARY
smtpmail-smtp-service. The variable smtpmail-smtp-service controls the port on the server to contact. It is either a string, in which case it will be translated into an integer using system calls, or an integer. The following example illustrates what you could put in ~/.emacs to set the SMTP service port. INDEX OF /UCLINUX/OLD Note that the modified config.h files uses the #include to find out the endian-ness of the platform. If that header file is unavailable or incorrect, you'll have to modify endian-ness yourself by setting WORDS_BIGENDIAN correctly. ABOUT SIMON JOSEFSSON DATAKONSULT (SJD) About Simon Josefsson Datakonsult (SJD) SJD implement and standardize network security protocols. Our solutions are often used in the wireless and embedded markets. We are committed to producing the highest quality software packages and support them in the long-term. Our projects are community reviewed and we work with free software. SIMON JOSEFSSON'S BLOG Below I describe how to generate an OpenPGP key and import it to a FST-01G device running Gnuk. See my earlier post on planning for my new OpenPGP key and the post on preparing the FST-01G to run Gnuk.For comparison with a RSA/YubiKey based approach, you can read about my setup from 2014.. Most of the steps below are covered by the Gnuk manual.The primary complication for me is the useINDEX OF /GSASL4WIN
The core GNU SASL library is available under the LGPLv2+ license. The command line tool gsasl is available under the GPLv3+ license. This documentation and the build scripts (e.g., Makefile) are licensedunder the GPLv3+.
TRY GNU LIBIDN
Try GNU Libidn. This page allows you to try the string preparation, punycode encode/decode and ToASCII/ToUnicode operations of GNU Libidn.If you encounter a problem with this page, write a (detailed!) report to bug-libidn@gnu.org. If you are interested in commercial support or enhancement of Libidn, you can contact me.. Free shrimp sandwiches are served over here (or here if you want the USING GSS-API MECHANISMS IN SASL: THE GS2 MECHANISM FAMILY Using GSS-API Mechanisms in SASL: The GS2 Mechanism Family. This work is sponsored by Simon Josefsson Datakonsult AB. If you need commercial help with utilizing this technology, or have a related project that you want help with, please feel free to contact me.If you find my work in this area useful, also please consider making a donation. INSTALLATION, CONFIGURATION AND USAGE INSTRUCTIONS FOR NNIMAP Introduction. The intent of this document is to describe every aspect of nnimap at the user level. This document corresponds to nnimap 0.123. Please note that nnimap require that you use the latest Gnus series, called Pterodactyl Gnus. GNU SASL FOR WINDOWS The core GNU SASL library is available under the LGPLv2+ license. The command line tool gsasl is available under the GPLv3+ license. This documentation and the build scripts (e.g., Makefile) are licensedunder the GPLv3+.
USING KERBEROS V5 OVER THE TRANSPORT LAYER SECURITY (TLS 1. Introduction and Background. This document describe how a Kerberos V5 (Neuman, C., Yu, T., Hartman, S., and K. Raeburn, “The Kerberos Network Authentication Service (V5),” July 2005.) implementation may upgrade communication between clients and Key Distribution Centers (KDCs) to use the Transport Layer Security (TLS) (Dierks, T. and E. Rescorla, “The Transport Layer INLINE PGP IN E-MAIL IS BAD, MM'KAY? Some people don't regard the above as problems. Some people just don't care. Reluctantly, I have to admit that sending inline PGP can work reliable if you follow the following rules: Use only printable ASCII. Avoid starting lines with 'From ' or '-', to avoid issues caused by over-eager From-escaping, or space stuffing. Don't use format=flowed. TLS ATTACKS AND STREAM CIPHERS TLS Lucky-13 Attack RFC 5246: In general, the best way to do this is to compute the MAC even if the padding is incorrect, and only thenreject the packet.
ABOUT SIMON JOSEFSSON DATAKONSULT (SJD) About Simon Josefsson Datakonsult (SJD) SJD implement and standardize network security protocols. Our solutions are often used in the wireless and embedded markets. We are committed to producing the highest quality software packages and support them in the long-term. Our projects are community reviewed and we work with free software. SIMON JOSEFSSON'S BLOG Below I describe how to generate an OpenPGP key and import it to a FST-01G device running Gnuk. See my earlier post on planning for my new OpenPGP key and the post on preparing the FST-01G to run Gnuk.For comparison with a RSA/YubiKey based approach, you can read about my setup from 2014.. Most of the steps below are covered by the Gnuk manual.The primary complication for me is the useINDEX OF /GSASL4WIN
The core GNU SASL library is available under the LGPLv2+ license. The command line tool gsasl is available under the GPLv3+ license. This documentation and the build scripts (e.g., Makefile) are licensedunder the GPLv3+.
TRY GNU LIBIDN
Try GNU Libidn. This page allows you to try the string preparation, punycode encode/decode and ToASCII/ToUnicode operations of GNU Libidn.If you encounter a problem with this page, write a (detailed!) report to bug-libidn@gnu.org. If you are interested in commercial support or enhancement of Libidn, you can contact me.. Free shrimp sandwiches are served over here (or here if you want the USING GSS-API MECHANISMS IN SASL: THE GS2 MECHANISM FAMILY Using GSS-API Mechanisms in SASL: The GS2 Mechanism Family. This work is sponsored by Simon Josefsson Datakonsult AB. If you need commercial help with utilizing this technology, or have a related project that you want help with, please feel free to contact me.If you find my work in this area useful, also please consider making a donation. INSTALLATION, CONFIGURATION AND USAGE INSTRUCTIONS FOR NNIMAP Introduction. The intent of this document is to describe every aspect of nnimap at the user level. This document corresponds to nnimap 0.123. Please note that nnimap require that you use the latest Gnus series, called Pterodactyl Gnus. GNU SASL FOR WINDOWS The core GNU SASL library is available under the LGPLv2+ license. The command line tool gsasl is available under the GPLv3+ license. This documentation and the build scripts (e.g., Makefile) are licensedunder the GPLv3+.
USING KERBEROS V5 OVER THE TRANSPORT LAYER SECURITY (TLS 1. Introduction and Background. This document describe how a Kerberos V5 (Neuman, C., Yu, T., Hartman, S., and K. Raeburn, “The Kerberos Network Authentication Service (V5),” July 2005.) implementation may upgrade communication between clients and Key Distribution Centers (KDCs) to use the Transport Layer Security (TLS) (Dierks, T. and E. Rescorla, “The Transport Layer INLINE PGP IN E-MAIL IS BAD, MM'KAY? Some people don't regard the above as problems. Some people just don't care. Reluctantly, I have to admit that sending inline PGP can work reliable if you follow the following rules: Use only printable ASCII. Avoid starting lines with 'From ' or '-', to avoid issues caused by over-eager From-escaping, or space stuffing. Don't use format=flowed. TLS ATTACKS AND STREAM CIPHERS TLS Lucky-13 Attack RFC 5246: In general, the best way to do this is to compute the MAC even if the padding is incorrect, and only thenreject the packet.
JUNE 2021 – SIMON JOSEFSSON'S BLOG Simple Authentication and Security Layer (SASL, RFC4422) is the framework that was abstracted from the IMAP and POP protocols.Among the most popular mechanisms are PLAIN (clear-text passwords, usually under TLS), CRAM-MD5 (), and GSSAPI (for Kerberos V5).The DIGEST-MD5 mechanism was an attempt to improve upon the CRAM-MD5 mechanism, but ended up introducing a lot of complexity and WHAT’S WRONG WITH SCRAM? Simple Authentication and Security Layer (SASL, RFC4422) is the framework that was abstracted from the IMAP and POP protocols.Among the most popular mechanisms are PLAIN (clear-text passwords, usually under TLS), CRAM-MD5 (), and GSSAPI (for Kerberos V5).The DIGEST-MD5 mechanism was an attempt to improve upon the CRAM-MD5 mechanism, but ended up introducing a THE BASE16, BASE32, AND BASE64 DATA ENCODINGS The Base16, Base32, and Base64 Data Encodings. This work is sponsored by Simon Josefsson Datakonsult AB. If you need commercial help with utilizing this technology, or have a related project that you want help with, please feel free to contact me.If you find my work in this area useful, also please consider making a donation.VARIOUS STUFF
This page contain links to various other projects I have been workingon.
DNSSEC WALKER
This is a proof-of-concept of a utility to download DNS zone contents even when AXFR is disabled on the server, assuming DNSSEC is used. Optionally it can also verify all digital signature RRs within a zone against the zone key. If you do not know what DNSSEC is, please refer to: RFC 2535. RFC 4033. INTERNATIONALIZED DOMAIN NAME LIBRARY (LIBIDN) Internationalized Domain Name Library (LibIDN) LibIDN is our implementation of the StringPrep, Punycode and IDNA technologies. LibIDN is intended to be used by applications or libraries that deal with international character strings, and in particular international domain names. LibIDN is available for use in C, C++, Java, C# andEmacs Lisp.
5 DNS SECURITY CONSIDERATIONS We now describe how this new information is used in a clever way to achieve a ``non-existence proof''. Entity A queries for a non-existent key maria.josefsson.org.The server replies with a tuple, (lotta.josefsson.org, Next key: simon.josefsson. org). 4 LDAP AND DNS AS CERTIFICATE DIRECTORIES Another way to see why LDAP and DNS are the two most relevant choices to consider is by looking at the currently most used certificate implementation on the Internet, the X.509-derived PKIX. X.509 certificates were designed to be used with the X.500 directory service. LDAP can be seen as ``X.500 for the Internet''.EMACS SMTP LIBRARY
smtpmail-smtp-service. The variable smtpmail-smtp-service controls the port on the server to contact. It is either a string, in which case it will be translated into an integer using system calls, or an integer. The following example illustrates what you could put in ~/.emacs to set the SMTP service port. INDEX OF /UCLINUX/OLD Note that the modified config.h files uses the #include to find out the endian-ness of the platform. If that header file is unavailable or incorrect, you'll have to modify endian-ness yourself by setting WORDS_BIGENDIAN correctly. ABOUT SIMON JOSEFSSON DATAKONSULT (SJD) About Simon Josefsson Datakonsult (SJD) SJD implement and standardize network security protocols. Our solutions are often used in the wireless and embedded markets. We are committed to producing the highest quality software packages and support them in the long-term. Our projects are community reviewed and we work with free software.INDEX OF /GSASL4WIN
The core GNU SASL library is available under the LGPLv2+ license. The command line tool gsasl is available under the GPLv3+ license. This documentation and the build scripts (e.g., Makefile) are licensedunder the GPLv3+.
SIMON JOSEFSSON'S BLOG Below I describe how to generate an OpenPGP key and import it to a FST-01G device running Gnuk. See my earlier post on planning for my new OpenPGP key and the post on preparing the FST-01G to run Gnuk.For comparison with a RSA/YubiKey based approach, you can read about my setup from 2014.. Most of the steps below are covered by the Gnuk manual.The primary complication for me is the use USING GSS-API MECHANISMS IN SASL: THE GS2 MECHANISM FAMILY Using GSS-API Mechanisms in SASL: The GS2 Mechanism Family. This work is sponsored by Simon Josefsson Datakonsult AB. If you need commercial help with utilizing this technology, or have a related project that you want help with, please feel free to contact me.If you find my work in this area useful, also please consider making a donation. INSTALLATION, CONFIGURATION AND USAGE INSTRUCTIONS FOR NNIMAP Introduction. The intent of this document is to describe every aspect of nnimap at the user level. This document corresponds to nnimap 0.123. Please note that nnimap require that you use the latest Gnus series, called Pterodactyl Gnus. GNU SASL FOR WINDOWS The core GNU SASL library is available under the LGPLv2+ license. The command line tool gsasl is available under the GPLv3+ license. This documentation and the build scripts (e.g., Makefile) are licensedunder the GPLv3+.
SHISHI AND GENERIC SECURITY SERVICE (GSS) GSS is our implementation of the GSS-API framework. Currently it support the Kerberos V5 mechanism (through Shishi) but it is flexible enough to support any mechanism. USING KERBEROS V5 OVER THE TRANSPORT LAYER SECURITY (TLS 1. Introduction and Background. This document describe how a Kerberos V5 (Neuman, C., Yu, T., Hartman, S., and K. Raeburn, “The Kerberos Network Authentication Service (V5),” July 2005.) implementation may upgrade communication between clients and Key Distribution Centers (KDCs) to use the Transport Layer Security (TLS) (Dierks, T. and E. Rescorla, “The Transport Layer INLINE PGP IN E-MAIL IS BAD, MM'KAY? Some people don't regard the above as problems. Some people just don't care. Reluctantly, I have to admit that sending inline PGP can work reliable if you follow the following rules: Use only printable ASCII. Avoid starting lines with 'From ' or '-', to avoid issues caused by over-eager From-escaping, or space stuffing. Don't use format=flowed. TLS ATTACKS AND STREAM CIPHERS TLS attacks and stream ciphers Sec-heads Linköping 12-13 Februari 2013 Simon Josefsson simon@josefsson.org ABOUT SIMON JOSEFSSON DATAKONSULT (SJD) About Simon Josefsson Datakonsult (SJD) SJD implement and standardize network security protocols. Our solutions are often used in the wireless and embedded markets. We are committed to producing the highest quality software packages and support them in the long-term. Our projects are community reviewed and we work with free software.INDEX OF /GSASL4WIN
The core GNU SASL library is available under the LGPLv2+ license. The command line tool gsasl is available under the GPLv3+ license. This documentation and the build scripts (e.g., Makefile) are licensedunder the GPLv3+.
SIMON JOSEFSSON'S BLOG Below I describe how to generate an OpenPGP key and import it to a FST-01G device running Gnuk. See my earlier post on planning for my new OpenPGP key and the post on preparing the FST-01G to run Gnuk.For comparison with a RSA/YubiKey based approach, you can read about my setup from 2014.. Most of the steps below are covered by the Gnuk manual.The primary complication for me is the use USING GSS-API MECHANISMS IN SASL: THE GS2 MECHANISM FAMILY Using GSS-API Mechanisms in SASL: The GS2 Mechanism Family. This work is sponsored by Simon Josefsson Datakonsult AB. If you need commercial help with utilizing this technology, or have a related project that you want help with, please feel free to contact me.If you find my work in this area useful, also please consider making a donation. INSTALLATION, CONFIGURATION AND USAGE INSTRUCTIONS FOR NNIMAP Introduction. The intent of this document is to describe every aspect of nnimap at the user level. This document corresponds to nnimap 0.123. Please note that nnimap require that you use the latest Gnus series, called Pterodactyl Gnus. GNU SASL FOR WINDOWS The core GNU SASL library is available under the LGPLv2+ license. The command line tool gsasl is available under the GPLv3+ license. This documentation and the build scripts (e.g., Makefile) are licensedunder the GPLv3+.
SHISHI AND GENERIC SECURITY SERVICE (GSS) GSS is our implementation of the GSS-API framework. Currently it support the Kerberos V5 mechanism (through Shishi) but it is flexible enough to support any mechanism. USING KERBEROS V5 OVER THE TRANSPORT LAYER SECURITY (TLS 1. Introduction and Background. This document describe how a Kerberos V5 (Neuman, C., Yu, T., Hartman, S., and K. Raeburn, “The Kerberos Network Authentication Service (V5),” July 2005.) implementation may upgrade communication between clients and Key Distribution Centers (KDCs) to use the Transport Layer Security (TLS) (Dierks, T. and E. Rescorla, “The Transport Layer INLINE PGP IN E-MAIL IS BAD, MM'KAY? Some people don't regard the above as problems. Some people just don't care. Reluctantly, I have to admit that sending inline PGP can work reliable if you follow the following rules: Use only printable ASCII. Avoid starting lines with 'From ' or '-', to avoid issues caused by over-eager From-escaping, or space stuffing. Don't use format=flowed. TLS ATTACKS AND STREAM CIPHERS TLS attacks and stream ciphers Sec-heads Linköping 12-13 Februari 2013 Simon Josefsson simon@josefsson.org JUNE 2021 – SIMON JOSEFSSON'S BLOG Simple Authentication and Security Layer (SASL, RFC4422) is the framework that was abstracted from the IMAP and POP protocols.Among the most popular mechanisms are PLAIN (clear-text passwords, usually under TLS), CRAM-MD5 (), and GSSAPI (for Kerberos V5).The DIGEST-MD5 mechanism was an attempt to improve upon the CRAM-MD5 mechanism, but ended up introducing a lot of complexity and WHAT’S WRONG WITH SCRAM? Simple Authentication and Security Layer (SASL, RFC4422) is the framework that was abstracted from the IMAP and POP protocols.Among the most popular mechanisms are PLAIN (clear-text passwords, usually under TLS), CRAM-MD5 (), and GSSAPI (for Kerberos V5).The DIGEST-MD5 mechanism was an attempt to improve upon the CRAM-MD5 mechanism, but ended up introducing a SIMON JOSEFSSON'S BLOG Below I describe how to generate an OpenPGP key and import it to a FST-01G device running Gnuk. See my earlier post on planning for my new OpenPGP key and the post on preparing the FST-01G to run Gnuk.For comparison with a RSA/YubiKey based approach, you can read about my setup from 2014.. Most of the steps below are covered by the Gnuk manual.The primary complication for me is the use GDOC - C DOCUMENTATION TOOL - JOSEFSSON GDOC - C Documentation Tool. This page explains the documentation tool I use in Libidn, GNU SASL, Shishi and other projects. It is based on an old version of GNOME's GTK-DOC tools, but (I believe) I first noticed it from how it was used in GNUTLS. My memory may be incorrectthough.
DNSSEC WALKER
This is a proof-of-concept of a utility to download DNS zone contents even when AXFR is disabled on the server, assuming DNSSEC is used. Optionally it can also verify all digital signature RRs within a zone against the zone key. If you do not know what DNSSEC is, please refer to: RFC 2535. RFC 4033. SHISHI AND GENERIC SECURITY SERVICE (GSS) GSS is our implementation of the GSS-API framework. Currently it support the Kerberos V5 mechanism (through Shishi) but it is flexible enough to support any mechanism.TRY GNU LIBIDN
Try GNU Libidn. This page allows you to try the string preparation, punycode encode/decode and ToASCII/ToUnicode operations of GNU Libidn.If you encounter a problem with this page, write a (detailed!) report to bug-libidn@gnu.org. If you are interested in commercial support or enhancement of Libidn, you can contact me.. Free shrimp sandwiches are served over here (or here if you want the HOW TO REACH SIMON JOSEFSSON DATAKONSULT Postal/Visiting Address: Johan Olof Wallins väg 13. SE-161 64 Solna,Sweden.
RIJNDAEL IMPLEMENTATION IN EMACS LISP Rijndael was recently chosen as the Advanced Encryption Standard by NIST. Further information about Rijndael can be found at: My implementation is available online . Currently it supports encryption and decryption in ECB mode using 128, 160, 192, 224 and 256 bit long keys. It includes routines to generate tables, similar to thosegenerated by
OPENWRT WORK
OpenWRT is an open source GNU/Linux distribution for wireless routers and other small devices. This page collect links to some of our OpenWRT related work. Simon Josefsson Datakonsult ABHome
Contact
Consulting
Publications
-------------------------Projects
LibIDN
GSASL
Shishi & GSS
GnuTLS
Libtasn1
LibNTLM
OpenWRT
-------------------------Various
ABOUT SIMON JOSEFSSON DATAKONSULT (SJD) SJD implement and standardize network security protocols. Our solutions are often used in the wireless and embedded markets. We are committed to producing the highest quality software packages and support them in the long-term. Our projects are community reviewed and we work with free software. We are based in Stockholm and work with international customers overthe Internet.
Also see Simon Josefsson’s blog for some of our thoughts and ideas in a more informal manner.EXPERTISE
We are primarily working with network security and internationalization technologies related to:*
Kerberos,
*
SASL,
*
GSS-API,
*
TLS,
*
IDN, Unicode,
*
EAP, IEEE 802.1x, PEAP, TTLS,*
DNSSEC,
*
OpenPGP, and
*
OpenID
We support our in-house implementations of these technologies, and also provide leadership in the standardization process. CUSTOMERS AND PARTNERSCypak
E-Advies
Haxx
Lumiad
RCOM Software
The Written Word
Transcend IT
Yubico
ASSOCIATIONS
(contributing member)(certified partner)
Last updated 2015-03-04 11:33:08 CET Copyright © 2012 Simon Josefsson. All rights reserved.Details
Copyright © 2024 ArchiveBay.com. All rights reserved. Terms of Use | Privacy Policy | DMCA | 2021 | Feedback | Advertising | RSS 2.0