Security
From Just Solve the File Format Problem
(Difference between revisions)
Dan Tobias (Talk | contribs) |
|||
| Line 16: | Line 16: | ||
== Authentication == | == Authentication == | ||
* [[SAML]] (Security Assertion Markup Language) | * [[SAML]] (Security Assertion Markup Language) | ||
| + | |||
| + | == Claim representation == | ||
| + | * [[JSON Web Tokens]] (JWT) | ||
== Digital certificates, keys, etc. == | == Digital certificates, keys, etc. == | ||
| Line 50: | Line 53: | ||
== Electronic signatures == | == Electronic signatures == | ||
* [[HMAC]] (Hash-based message authentication code) | * [[HMAC]] (Hash-based message authentication code) | ||
| + | * [[JSON Web Signatures]] (JWS) | ||
== Malware/spyware == | == Malware/spyware == | ||
Revision as of 20:19, 22 April 2017
Formats specific to the storage and transmission of security information.
See also:
Contents |
App provisioning and DRM
- Mobile Provision file (.mobileprovision; used for installing iOS apps)
Authentication
- SAML (Security Assertion Markup Language)
Claim representation
- JSON Web Tokens (JWT)
Digital certificates, keys, etc.
- ASCII Armor (.arm; old for base64)
- Card Verifiable Certificate (CVC)
- Canonical Encoding Rules (.cer)
- Certificate Revocation List (.crl)
- Certificate Signing Request
- Certificate Trust List (.stl)
- DER (Distinguished Encoding Rules)
- DER encoded certificate (.der, .crt)
- DER encoded RSA private key
- Microsoft Serialized Certificate Store (.sst)
- PEM
- PEM encoded certificate (.pem, .crt)
- PEM encoded RSA private key (.key)
- PFX (original format)
- PGP public key
- PKCS
- PKCS7 (PKCS #7, Cryptographic Message Syntax Standard)
- PKCS7 certificate (.p7b, .p7c, .spc)
- PKCS10 (PKCS #10 Certificate Signing Request, .p10, .csr)
- PKCS11 (PKCS #11 Cryptographic Token Interface Standard; Cryptoki API)
- PKCS12 (PKCS #12, PFX, Personal Information Exchange, .p12, .pfx)
- PVK
- RSA private key
- SPKAC
- X.509 certificate
Digital certificate collections
Electronic signatures
- HMAC (Hash-based message authentication code)
- JSON Web Signatures (JWS)
Malware/spyware
Password managers
Protocols
- TLS (including SSL)
Security policies
- Adobe Cross Domain Policy File
- Content Security Policy
- Label Encodings (files determining information classification labels for multi-level security environments)
- Sudoers (module and file determining user privileges)
Software
Links and references
- Various SSL/TLS Certificate File Types/Extensions (MSDN article)
- Hashcat: password cracking program
- Can someone be targeted using the Adobe breach?
- xkcd comic about Adobe password breach situation
- Improving security in Firefox
- 2014 Super Bowl security (picture)
- Senate cybersecurity report finds agencies often fail to take basic preventive measures
- What happens with Digital Rights Management in the real world?
- Xbox password flaw exposed by five-year-old boy (And Microsoft thanked the kid instead of getting him arrested, imagine that.)
- Be Still My Breaking Heart
- When two-factor authentication is not enough
- origins of libressl
- Why blurring sensitive information is a bad idea
- How to crack many Master Lock combinations in eight tries or less
