📕 subnode [[@ankostis/dice design]]
in 📚 node [[dice-design]]
DICE design
:original-url: https://docs.google.com/document/d/1lrs2cEq8GjqSjLPWDcKwl8XYCYnChG2y0fWAgMLDlQI/edit
GPG
- Generate the perfect Key: https://alexcabal.com/creating-the-perfect-gpg-keypair/
- "Does GPG key expiration add to security?": http://security.stackexchange.com/questions/14718/does-openpgp-key-expiration-add-to-security?newreg=72720a55ed764868bb0a9d0b3a4c3809
- How to use authentication subkeys in gpg for SSH public key authentication: https://gist.github.com/andrewlkho/7373190
- Transition-statement with wget: https://blog.josefsson.org/2014/06/23/openpgp-key-transition-statement/
- Offline GnuPG Master Key and Subkeys on YubiKey NEO Smartcard: https://blog.josefsson.org/2014/06/23/offline-gnupg-master-key-and-subkeys-on-yubikey-neo-smartcard/
- Apache transition instructions: https://www.apache.org/dev/key-transition.html
- Use OFFLINE master keys: https://incenp.org/notes/2015/using-an-offline-gnupg-master-key.html & https://wiki.debian.org/Subkeys
- YUBICO PGPUser-Guide: https://github.com/drduh/YubiKey-Guide
- Compile new YUBICO GPG Applet: http://www.digitalllama.net/2014/03/importing-your-existing-gpg-key-into.html
- YUBICO genkeys In+Out of card: https://www.esev.com/blog/post/2015-01-pgp-ssh-key-on-yubikey-neo/
- CMD EXAMPLES: http://www.spywarewarrior.com/uiuc/gpg/gpg-com-4.htm
- GPG evaluation 2016: https://www.gnupg.org/conf/2016/openpgp-2016-a-few-concerns.pdf
-
X509 sign:
- https://raymii.org/s/tutorials/Sign_and_verify_text_files_to_public_keys_via_the_OpenSSL_Command_Line.html
- SO1: http://security.stackexchange.com/questions/108163/sign-gnupg-master-key-with-own-x-509-certificate
- SO Bridge: http://crypto.stackexchange.com/questions/11582/openpgp-x-509-bridge-how-to-verify-public-key/11709#11709
- Signing policy and pgp<-->509 signig instructions: http://psmay.com/aught-six/key-signing-policy, Questions: http://psmay.com/notary/
- Can we trust GPG? http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.97.9895&rep=rep1&type=pdf
- GPG-key stats: http://pgp.science.uu.nl/stats/02b02f070712febd.html
- on pgp model retirement: https://www.ctrlc.hu/~stef/blog/posts/on_pgp.html
- https://eprint.iacr.org/2015/967
-
Git:
- https://github.com/blog/2338-sha-1-collision-detection-on-github-com
- [1] https://blogs.technet.microsoft.com/srd/2012/06/06/flame-malware-collision-attack-explained/
- [2] http://eprint.iacr.org/2014/871.pdf
- [3] https://github.com/sprohaska/git-sha-x
- [1] https://public-inbox.org/git/CA+55aFzJtejiCjV0e43+9oR3QuJK2PiFiLQemytoLpyJWe6P9w@mail.gmail.com/ [ - 2] https://public-inbox.org/git/alpine.LFD.2.20.1702281621050.22202@i7.lan/T/#u
ZK
ForwardSecureSignatures: http://www.cs.columbia.edu/~tal/papers/CJMM.pdf
📖 stoas
- public document at doc.anagora.org/dice-design
- video call at meet.jit.si/dice-design