diff options
author | bnewbold <bnewbold@robocracy.org> | 2012-09-13 15:12:36 +0200 |
---|---|---|
committer | bnewbold <bnewbold@robocracy.org> | 2012-09-13 15:12:36 +0200 |
commit | 8f99ba04a780aa9302c62c738d88ab8017d73bca (patch) | |
tree | 1bd1a84f7e11fec1ab9fa7cb7e4844e1400508be /security.page | |
parent | a1c66abf6f85b086bf3cd979109913c8cb321c3e (diff) | |
download | rooter_wiki-8f99ba04a780aa9302c62c738d88ab8017d73bca.tar.gz rooter_wiki-8f99ba04a780aa9302c62c738d88ab8017d73bca.zip |
restructure wiki (again)
Diffstat (limited to 'security.page')
-rw-r--r-- | security.page | 25 |
1 files changed, 0 insertions, 25 deletions
diff --git a/security.page b/security.page deleted file mode 100644 index 14b7524..0000000 --- a/security.page +++ /dev/null @@ -1,25 +0,0 @@ - -## Questions - -External attackers likely could/would port scan and be able to identify the -device; is that a problem? - -## Pitfalls, Lessons Learned - -XSS attack to back out geo location of router: <http://samy.pl/mapxss/> - -## Links, Unsorted - -Advice on HTTPS: http://www.imperialviolet.org/2012/07/19/hope9talk.html - -[Tripphrases](http://worrydream.com/tripphrase/) - -plan9 security: [Factotum](http://doc.cat-v.org/plan_9/4th_edition/papers/auth) - -Users should probably have a single "root" GPG key for every distinct -identity/persona that they present to the external world, and then generate -subkeys for use with each host/device and external service. This allows more -fine grained control over revokation and access control (eg, if a device is -lost then suspend/revoke that key). An API or tools to help distribute -certificates, signing information, and revokations would be helpful. - |