Security

Formats specific to the storage and transmission of security information.

See also:
 * Encryption
 * E-Mail, newsgroups, and forums: Secure messaging

App provisioning and DRM
Main article: Digital Rights Management


 * Mobile Provision file (.mobileprovision; used for installing iOS apps)

Authentication

 * SAML (Security Assertion Markup Language)

Claim representation

 * JSON Web Tokens (JWT)

Digital certificates, keys, etc.

 * ASCII Armor (.arm; old for base64)
 * Card Verifiable Certificate (CVC)
 * Canonical Encoding Rules (.cer)
 * Certificate Revocation List (.crl)
 * Certificate Signing Request
 * Certificate Trust List (.stl)
 * DER (Distinguished Encoding Rules)
 * DER encoded certificate (.der, .crt)
 * DER encoded RSA private key
 * Microsoft Serialized Certificate Store (.sst)
 * PEM
 * PEM encoded certificate (.pem, .crt)
 * PEM encoded RSA private key (.key)
 * PFX (original format)
 * PGP public key
 * PKCS
 * PKCS7 (PKCS #7, Cryptographic Message Syntax Standard)
 * PKCS7 certificate (.p7b, .p7c, .spc)
 * PKCS10 (PKCS #10 Certificate Signing Request, .p10, .csr)
 * PKCS11 (PKCS #11 Cryptographic Token Interface Standard; Cryptoki API)
 * PKCS12 (PKCS #12, PFX, Personal Information Exchange, .p12, .pfx)
 * PVK
 * RSA private key
 * SPKAC
 * X.509 certificate

Digital certificate collections

 * Security Catalog

Electronic signatures

 * Authenticode signature
 * Digital watermark
 * FSecure (PaceSoft)
 * HMAC (Hash-based message authentication code)
 * JSON Web Signatures (JWS)

Malware/spyware

 * Pegasus
 * Regin
 * Superfish

Passwords

 * eWallet
 * KBDX
 * passwd (/etc/passwd)

See also Encryption.

Protocols

 * TLS (including SSL)

Security policies

 * Adobe Cross Domain Policy File
 * Content Security Policy
 * Label Encodings (files determining information classification labels for multi-level security environments)
 * PAM configuration file
 * Security.txt
 * Sudoers (module and file determining user privileges)

Software

 * OpenSSL

Verification

 * Verifpal (.vp) (language for modeling aspects of security protocols to test for soundness)

Links and references

 * Various SSL/TLS Certificate File Types/Extensions (MSDN article)
 * Hashcat: password cracking program
 * Can someone be targeted using the Adobe breach?
 * xkcd comic about Adobe password breach situation
 * Improving security in Firefox
 * 2014 Super Bowl security (picture)
 * Senate cybersecurity report finds agencies often fail to take basic preventive measures
 * Xbox password flaw exposed by five-year-old boy (And Microsoft thanked the kid instead of getting him arrested, imagine that.)
 * Be Still My Breaking Heart
 * When two-factor authentication is not enough
 * origins of libressl
 * Why blurring sensitive information is a bad idea
 * How to crack many Master Lock combinations in eight tries or less