|
TLSA
DNS-based Authentication of Named Entities (DANE) is an Internet security protocol to allow X.509 digital certificates, commonly used for Transport Layer Security (TLS), to be bound to domain names using Domain Name System Security Extensions (DNSSEC). It is proposed in as a way to authenticate TLS client and server entities without a certificate authority ( CA). It is updated with operational and deployment guidance in . Application specific usage of DANE is defined in for SMTP and for using DANE with Service (SRV) records. Rationale TLS/SSL encryption is currently based on certificates issued by certificate authorities (CAs). Within the last few years, a number of CA providers suffered serious security breaches, allowing the issuance of certificates for well-known domains to those who don't own those domains. Trusting a large number of CAs might be a problem because any breached CA could issue a certificate for any domain name. DANE enables the administrator of a domain ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Domain Name System Security Extensions
The Domain Name System Security Extensions (DNSSEC) is a suite of Extension Mechanisms for DNS, extension specifications by the Internet Engineering Task Force (IETF) for securing data exchanged in the Domain Name System (DNS hijacking, DNS) in Internet Protocol (IPv6, IP) Networks and States, networks. The protocol provides message authentication, cryptographic authentication of data, SOCKS, authenticated denial of existence, and data Information_security#Integrity, integrity, but not Information_security#Availability, availability or Information_security#Confidentiality, confidentiality. Overview The original design of the Domain Name System did not include any security features. It was conceived only as a scalable distributed system. The Domain Name System Security Extensions (DNSSEC) attempt to add security, while maintaining backward compatibility. of 2004 documents some of the known threats to the DNS, and their solutions in DNSSEC. DNSSEC was designed to protect applicatio ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
DNSSEC
The Domain Name System Security Extensions (DNSSEC) is a suite of extension specifications by the Internet Engineering Task Force (IETF) for securing data exchanged in the Domain Name System ( DNS) in Internet Protocol ( IP) networks. The protocol provides cryptographic authentication of data, authenticated denial of existence, and data integrity, but not availability or confidentiality. Overview The original design of the Domain Name System did not include any security features. It was conceived only as a scalable distributed system. The Domain Name System Security Extensions (DNSSEC) attempt to add security, while maintaining backward compatibility. of 2004 documents some of the known threats to the DNS, and their solutions in DNSSEC. DNSSEC was designed to protect applications using DNS from accepting forged or manipulated DNS data, such as that created by DNS cache poisoning. All answers from DNSSEC protected zones are digitally signed. By checking the digital signature, ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Internet Security
Internet security is a branch of computer security. It encompasses the Internet, browser security, web site security, and network security as it applies to other applications or operating systems as a whole. Its objective is to establish rules and measures to use against attacks over the Internet. The Internet is an inherently insecure channel for information exchange, with high risk of intrusion or fraud, such as phishing, online viruses, trojans, ransomware and worms. Many methods are used to combat these threats, including encryption and ground-up engineering. Threats Emerging Threats Emerging cyberthreats are a result of recent technological breakthroughs. For example, deepfakes use AI to produce audio and video that seems real but are actually fake, which increases the danger of fraud and false information. Furthermore, traditional risks can be automated and strengthened by AI-driven attacks, making them harder to identify and neutralize. Malicious software Maliciou ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Pretty Good Privacy
Pretty Good Privacy (PGP) is an encryption software, encryption program that provides cryptographic privacy and authentication for data communication. PGP is used for digital signature, signing, encrypting, and decrypting texts, Email, e-mails, files, directories, and whole disk partitions and to increase the security of e-mail communications. Phil Zimmermann developed PGP in 1991. PGP and similar software follow the OpenPGP standard (RFC 4880), an open standard for encryption, encrypting and decrypting data. Modern versions of PGP are interoperability, interoperable with GnuPG and other OpenPGP-compliant systems. The OpenPGP standard has received criticism for its long-lived keys and the difficulty in learning it, as well as the EFAIL, Efail security vulnerability that previously arose when select e-mail programs used OpenPGP with S/MIME. The new OpenPGP standard (RFC 9580) has also been criticised by the maintainer of GnuPG Werner Koch, who in response created his own speci ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
GnuTLS
GnuTLS (, the GNU Transport Layer Security Library) is a free software implementation of the TLS, SSL and DTLS protocols. It offers an application programming interface (API) for applications to enable secure communication over the network transport layer, as well as interfaces to access X.509, PKCS #12, OpenPGP and other structures. Features GnuTLS consists of a library that allows client applications to start secure sessions using the available protocols. It also provides command-line tools, including an X.509 certificate manager, a test client and server, and random key and password generators. GnuTLS has the following features: * TLS 1.3, TLS 1.2, TLS 1.1, TLS 1.0, and SSL 3.0 protocols * Datagram TLS (DTLS) 1.2, and DTLS 1.0, protocols * TLS-SRP: Secure remote password protocol (SRP) for TLS authentication * TLS-PSK: Pre-shared key (PSK) for TLS authentication * X.509 and OpenPGP certificate handling * CPU assisted cryptography and cryptographic accelerator support ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
GitHub
GitHub () is a Proprietary software, proprietary developer platform that allows developers to create, store, manage, and share their code. It uses Git to provide distributed version control and GitHub itself provides access control, bug tracking system, bug tracking, software feature requests, task management, continuous integration, and wikis for every project. Headquartered in California, GitHub, Inc. has been a subsidiary of Microsoft since 2018. It is commonly used to host open source software development projects. GitHub reported having over 100 million developers and more than 420 million Repository (version control), repositories, including at least 28 million public repositories. It is the world's largest source code host Over five billion developer contributions were made to more than 500 million open source projects in 2024. About Founding The development of the GitHub platform began on October 19, 2005. The site was launched in April 2008 by Tom ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
OpenSSL
OpenSSL is a software library for applications that provide secure communications over computer networks against eavesdropping, and identify the party at the other end. It is widely used by Internet servers, including the majority of HTTPS websites. OpenSSL contains an open-source implementation of the SSL and TLS protocols. The core library, written in the C programming language, implements basic cryptographic functions and provides various utility functions. Wrappers allowing the use of the OpenSSL library in a variety of computer languages are available. The OpenSSL Software Foundation (OSF) represents the OpenSSL project in most legal capacities including contributor license agreements, managing donations, and so on. OpenSSL Software Services (OSS) also represents the OpenSSL project for support contracts. OpenSSL is available for most Unix-like operating systems (including Linux, macOS, and BSD), Microsoft Windows and OpenVMS. Project history The OpenSSL project wa ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Tutanota
Tuta, formerly Tutanota, is an end-to-end encrypted email app and a freemium secure email service. The service is advertisement-free; it relies on donations and premium subscriptions. As of June 2023, Tutanota's owners claimed to have over 10 million users of the product. The company announced a transition to 100% renewable electricity in March 2019. This decision coincided with employee participation in Fridays for Future protests. On 1st October 2024, Tuta launched its standalone encrypted calendar app. Tuta Mail has recently integrated post-quantum cryptography features through its new protocol - ''TutaCrypt'' replacing standard encryption methods like RSA-2048 and AES-256 for its newly created accounts after March 2024. History Tutanota is derived from Latin and contains the words " tuta" and " nota" which means "secure message". Tutao GmbH was founded in 2011 in Hanover, Germany. The goal of the developers for Tuta is to fight for email privacy. Their vision gained ev ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
The Guardian
''The Guardian'' is a British daily newspaper. It was founded in Manchester in 1821 as ''The Manchester Guardian'' and changed its name in 1959, followed by a move to London. Along with its sister paper, ''The Guardian Weekly'', ''The Guardian'' is part of the Guardian Media Group, owned by the Scott Trust Limited. The trust was created in 1936 to "secure the financial and editorial independence of ''The Guardian'' in perpetuity and to safeguard the journalistic freedom and liberal values of ''The Guardian'' free from commercial or political interference". The trust was converted into a limited company in 2008, with a constitution written so as to maintain for ''The Guardian'' the same protections as were built into the structure of the Scott Trust by its creators. Profits are reinvested in its journalism rather than distributed to owners or shareholders. It is considered a newspaper of record in the UK. The editor-in-chief Katharine Viner succeeded Alan Rusbridger in 2015. S ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Posteo
Posteo is an email service provider based in Berlin, Germany, offering paid email accounts for individuals and businesses. The service gained prominence during the aftermath of the post-2013 global surveillance disclosures, especially for its high standard security features and relative anonymity as it does not require any private information in the registration process. Posteo offers support for DNSSEC/ DANE and PGP (through Mailvelope in the web interface, which is running open source Roundcube). Additionally, they offer two-factor-authentication via TOTP, Extended Validation certificates, HPKP for the HTTPS connection, and various themes to choose from, including dark mode. In 2022, Posteo had more than 500,000 active mail accounts. See also * Comparison of webmail providers The following tables compare general and technical information for a number of notable webmail providers who offer a web interface in English. The list does not include web hosting provid ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Prosody (software)
Prosody (formerly lxmppd) is a cross-platform XMPP server written in Lua. Its development goals include low resource usage, ease of use, and extensibility. Prosody uses the default XMPP ports, 5222 and 5269, for client-to-server and server-to-server communications respectively. History Prosody development was started by Matthew Wild in August 2008 and its first release, 0.1.0, was made in December 2008. Prosody was initially licensed under the GNU General Public License (version 2), but later switched to the MIT License in its 3rd release. Notable deployments The XMPP Standards Foundation runs Prosody oxmpp.org and uses the chatroom feature for meetings for various XSF teams. Identi.ca the micro-blogging service uses Prosody to deliver IM notifications. Remember the Milk uses Prosody to deliver IM based reminders. Collabora runs Prosody on proxies.telepathy.im to provide file transfer proxy lookup for Telepathy (and therefore Empathy). Peter Saint-Andre (the executiv ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Exim
Exim is a mail transfer agent (MTA) used on Unix-like operating systems. Exim is a free software distributed under the terms of the GNU General Public License, and it aims to be a general and flexible mailer with extensive facilities for checking incoming e-mail. Exim has been ported to most Unix-like systems, as well as to Microsoft Windows using the Cygwin emulation layer. Exim 4 is currently the default MTA on Debian Linux systems. Many Exim installations exist, especially within Internet service providers and universities in the United Kingdom. Exim is also widely used with the GNU Mailman mailing list manager, and cPanel. In March 2023 a study performed by E-Soft, Inc., approximated that 59% of the publicly reachable mail-servers on the Internet ran Exim. Origin The first version of Exim was written in 1995 by Philip Hazel for use in the University of Cambridge Computing Service’s e-mail systems. The name initially stood for EXperimental Internet Mailer. It was original ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
