author: bnewbold <bnewbold@robocracy.org> 2012-09-13 15:12:36 +0200
committer: bnewbold <bnewbold@robocracy.org> 2012-09-13 15:12:36 +0200
commit: 8f99ba04a780aa9302c62c738d88ab8017d73bca
tree: 1bd1a84f7e11fec1ab9fa7cb7e4844e1400508be /research/security.page
parent: a1c66abf6f85b086bf3cd979109913c8cb321c3e
restructure wiki (again)
Diffstat (limited to 'research/security.page')
-rw-r--r-- research/security.page 25
1 files changed, 25 insertions, 0 deletions
diff --git a/research/security.page b/research/security.page
new file mode 100644
index 0000000..14b7524
--- /dev/null
+++ b/research/security.page
@@ -0,0 +1,25 @@
+
+## Questions
+
+External attackers likely could/would port scan and be able to identify the
+device; is that a problem?
+
+## Pitfalls, Lessons Learned
+
+XSS attack to back out geo location of router: <http://samy.pl/mapxss/>
+
+## Links, Unsorted
+
+Advice on HTTPS: http://www.imperialviolet.org/2012/07/19/hope9talk.html
+
+[Tripphrases](http://worrydream.com/tripphrase/)
+
+plan9 security: [Factotum](http://doc.cat-v.org/plan_9/4th_edition/papers/auth)
+
+Users should probably have a single "root" GPG key for every distinct
+identity/persona that they present to the external world, and then generate
+subkeys for use with each host/device and external service. This allows more
+fine grained control over revokation and access control (eg, if a device is
+lost then suspend/revoke that key). An API or tools to help distribute
+certificates, signing information, and revokations would be helpful.
+
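Review bot: "revokation" and "revokations" in the last paragraph (the lines "fine grained control over revokation and access control" and "certificates, signing information, and revokations would be helpful") should be spelled "revocation" and "revocations". In the same paragraph, "if a device is lost then suspend/revoke that key" would read more clearly as "that subkey", since the point of the scheme is that the per-device subkey is revoked while the root key for the identity stays valid. Under "Links, Unsorted", the "Advice on HTTPS" line uses a bare URL while the samy.pl link is wrapped in `<...>` and the other two use `[text](url)`; wrapping it the same way keeps link rendering consistent. The new file also starts with an empty line before `## Questions`, which can be dropped.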