author: maxigas <maxigas@anargeek.net> 2013-04-11 19:27:08 +0200
committer: maxigas <maxigas@anargeek.net> 2013-04-11 19:27:08 +0200
commit: 9652ab3d2d48ad8d1f607a63dbd8d24293a1a8f3 (patch)
tree: 489c693c71095769b77ccccfbd61c611f654f705
parent: cd54486619d763da416be700770a4d9e947c1850 (diff)
small change
-rw-r--r-- best_practices.mdwn 42
1 files changed, 21 insertions, 21 deletions
diff --git a/best_practices.mdwn b/best_practices.mdwn
index 9349779..62f46aa 100644
--- a/best_practices.mdwn
+++ b/best_practices.mdwn
@@ -6,36 +6,36 @@ Translations: [[Castellano|best practices_es]]
Obviously, every security/privacy level requires that you keep your software up to date to the current knowledge of security issues.
-## Mail with Exim
+# Mail with Exim
-### Level 1
+## Level 1
-### Level 2
+## Level 2
-#### TLS is required with other level 2 compliant servers. Certificates are verified with fingerprint.
+### TLS is required with other level 2 compliant servers. Certificates are verified with fingerprint.
* [StartTLS-exim](http://aland.burngreave.net/archives/2009/12/30/index.html#e2009-12-30T16_26_49.txt)
-## Mail with Postfix
+# Mail with Postfix
-### Level 1
+## Level 1
-#### If the server adds the IP address of a user sending a mail through its service anywhere in the email, the user is informed about this.
+### If the server adds the IP address of a user sending a mail through its service anywhere in the email, the user is informed about this.
Not a matter of server configuration: you should use your communication channels to pass this information to your existing users (e.g. newsletter, announcement mailing list). New users should be informed as part of the account signup process. You may additionally explain this on your website.
-#### The connections between the user and the server are always encrypted.
+### The connections between the user and the server are always encrypted.
* Server Side: [Configure Postfix to use X.509 certificate](http://koti.kapsi.fi/ptk/postfix/postfix-tls-cacert.shtml) retrieved on Apr 3 2013
* Client side: Kindly ask your provider for documentation :)
-#### Use (Start)TLS to exchange mails with other servers whenever available
+### Use (Start)TLS to exchange mails with other servers whenever available
* This is called *opportunistic* encryption.
-#### The server must have its own X.509 certificate signed by one of a given set of certificate authorities.
+### The server must have its own X.509 certificate signed by one of a given set of certificate authorities.
There are many problems with the X.509 ecosystem, partly explained here: http://lair.fifthhorseman.net/~dkg/tls-centralization/
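Review bot: The `## Level 1` heading under `# Mail with Exim` is followed directly by `## Level 2`, so the Exim section states no Level 1 requirements while the Postfix section below lists several. Either add the Exim equivalents or state that the Postfix Level 1 requirements apply to Exim as well. The commit message "small change" should also say that every heading was promoted one level, since that changes the outline of the whole page.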
@@ -49,29 +49,29 @@ c. Self Signed certificates/Own Authority: con: not included in the default mail
d. Monkeysphere: You can use openPGP keys (certifications) to authenticate services. This is technically an excellent solution, albeit not really supported in popular software. If you have power users, we recommend trying it out. More information on [Monkeysphere website](http://monkeysphere.info/)
-### Level 2
+## Level 2
-#### The server doesn't add the IP address of a user sending a mail through its service anywhere in the email.
+### The server doesn't add the IP address of a user sending a mail through its service anywhere in the email.
* [IPs in headers]( https://we.riseup.net/debian/mail#postfix )
-#### TLS is required with other level 2 compliant servers. Certificates are verified with fingerprint.
+### TLS is required with other level 2 compliant servers. Certificates are verified with fingerprint.
An equivalent solution is to implement an IPsec link between relevant collectives which makes it unnecessary to use TLS.
In order to implement this, you need to know the up-to-date fingerprints of the certificates of the groups that you plan to cooperate with in this way. There are many ways to do this, but it depends too much on social and technical context so we will not detail them here, only state that it is a requirement. Pinning those fingerprints and updating them when changed can be a hassle (unless an automated and secure protocol and implementation for this purpose becomes available).
* [Postfix TLS README](http://www.postfix.org/TLS_README.html )
-### Level 3
+## Level 3
-#### Mail is also available as a hidden Tor service.
+### Mail is also available as a hidden Tor service.
* [Torproject: Tor Hidden Service documentation](https://www.torproject.org/docs/tor-hidden-service.html.en) → adapt to the needs of a mailserver.
* Client: [torbirdy](https://trac.torproject.org/projects/tor/wiki/torbirdy) is a useful Thunderbird extension to make use of such a hidden service.
-## Filesystems and Storage
+# Filesystems and Storage
-### Level 1
+## Level 1
* User data that is not publicly accessible is stored encrypted, using a strong passphrase. See best practices documents for details. This includes mails, databases, list archives, restricted websites and others.
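Review bot: Under `### TLS is required with other level 2 compliant servers. Certificates are verified with fingerprint.` the only implementation pointer is the general Postfix TLS README link, and the paragraph says fingerprint distribution will not be detailed. Point the link at the part of that README that covers fingerprint verification so the requirement is actionable. The link targets `( https://we.riseup.net/debian/mail#postfix )` and `(http://www.postfix.org/TLS_README.html )` also carry stray spaces inside the parentheses, which may keep them from rendering as links.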
@@ -80,19 +80,19 @@ In GNU/Linux, cryptsetup:
* [How to set up an encrypted filesystem in several easy steps?](http://www.debian-administration.org/articles/469)
* [Setting up an encrypted Debian system](http://madduck.net/docs/cryptdisk/)
-### Level 2
+## Level 2
-#### Swap is stored encrypted.
+### Swap is stored encrypted.
For this you can use said cryptsetup too.
-#### The operating system and its configuration is stored encrypted with a strong passphrase. See best practices documents for details.
+### The operating system and its configuration is stored encrypted with a strong passphrase. See best practices documents for details.
Today you can use many OS installers that achieve this: Ubuntu alternative text installer?
Don't rely on hard drives that promote encryption on the disklayer, they are often not properly implemented or come with backdoors for example
-### Level 3
+## Level 3
* Swap is encrypted with a random key on boot.
* Create an encrypted swap area http://www.microhowto.info/howto/create_an_encrypted_swap_area.html
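Review bot: In `## Level 3` the requirement "Swap is encrypted with a random key on boot." stays a bullet, while the `## Level 2` requirements just above it are now `###` headings; pick one form for requirements and use it at every level. While this section is being touched, the context line "Ubuntu alternative text installer?" still ends in an open question, the warning about drive-level encryption has no reference, and the last bullet is a bare URL where the rest of the page uses named links.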