[Ach] StartSSL for Business Sysadmins

Andreas Mirbach a.mirbach at me.com
Sun Jan 12 18:41:57 CET 2014


Okay got it.
Have you reviewed my poll fot the iis section?
Can i help with some testing in this section?

Sent from my iPad

> On 12.01.2014, at 18:35, "L. Aaron Kaplan" <kaplan at cert.at> wrote:
> 
> 
>> On Jan 12, 2014, at 6:24 PM, Andreas Mirbach <a.mirbach at me.com> wrote:
>> 
>> Hi Aaron,
>> 
>> in my opinion a security guide that discuss just a view cipher oders has no value at all. The document title is applied crypto hardening and it is aimed to be a copy and paste reference for sysadmins. In an "applied" real world scenario there are CAs involved in the crypto chain. It is essential to understand crypto security as a process of many things come and work together. It's not just some console commands and the use of commonly thusted ciphers.
> 
> Andreas,
> 
> you might be right but in the beginning we had to make some decisions what is "in scope" in the first version and "out of scope" and might be put into a later version or a different document (which of course should be referenced).
> 
> At that time, we all looked at the PKI issues and were saying to ourselves: "if we document all that we are never going to be finished " ;-) That's why became "out of scope" for the first version. 
> 
>> I agree with you that this i maybe a topic for a second document.
> 
> :)
> 
> ACK
> 
> 
> --- 
> // L. Aaron Kaplan <kaplan at cert.at> - T: +43 1 5056416 78
> // CERT Austria - http://www.cert.at/
> // Eine Initiative der nic.at GmbH - http://www.nic.at/
> // Firmenbuchnummer 172568b, LG Salzburg
> 
> 
> 
> 
> _______________________________________________
> Ach mailing list
> Ach at lists.cert.at
> http://lists.cert.at/cgi-bin/mailman/listinfo/ach



More information about the Ach mailing list