This site contains a wealth of unique information originating from various projects led by CONNOTECH Experts-conseils inc.
The PKC-only security scheme, about which some work-in-progress documents are made available
|
• |
A work-in-progress document, recording the design decisions: "A Project Medley Design Notebook". |
|
• |
The launch document for the PKC-only application security scheme, showing how it may be fielded with the mainstream TLS protocol support in web-enabled secure applications: Explicit Meaningless X.509 Security Certificates as a Specifications-Based Interoperability Mechanism. See also a document prepared with the IETF editorial conventions (http://www.connotech.com/public-domain-aixcm-00.txt). |
TAKREM, SAKEM and Other Information Security Topics
|
• |
A document focused on DNS root signature, Towards a Process Flow for DNS Root Zone File Signature with KSK Rollover Provisions. This is part of a contribution to a public consultation by the US government. The preceding document is still available, A (Pro?-)Position Paper re DNS Root Zone File Signature Using DNSSEC Protocols. | ||||
|
• |
The high level document Six Roles for Early Introduction of DNSSEC is a must-read for experts and would-be experts on DNSSEC deployment. | ||||
|
• |
The above proposal is based on two specific contributions towards DNSSEC deloyment: | ||||
| |||||
|
This material is in rather crude form. An attempt to present an executive summary has been posted to a specialized blog. | |||||
|
• |
The SISATA proposition document, disclosing a unique approach to DNSSEC deployment challenges. (SISATA: Stable Island of Security Agency for Trust Announcements.) | ||||
|
• |
TAKREM, Trust Anchor Key REnewal Method, with application to DNS security. An FAQ document is also available. | ||||
|
Software tools are available (GPL'ed free software). This includes a complete solution for DNS zone management procedures (i.e. trust anchor key management and DNS authoritative nameserver operations), and an API for TAKREM support in DNSSEC-aware resolver software. The software development planning aspects are covered in two documents, respectively for the server side and the client side. | |||||
|
Three Internet drafts: draft-moreau-dnsext-tak-req, draft-moreau-dnsext-sdda-rr, and draft-moreau-dnsext-takrem-dns. | |||||
|
A document about DNSSEC performance impact: "A Short Note about DNSSEC Impact on Root Server Answer Sizes". | |||||
|
• |
SAKEM, Secret Authentication Key Establishment Method | ||||
|
• |
Surprisingly, when we needed a simple specification for a well-known public key cryptography digital signature scheme, we had to write one: Scirpo, a Basic Rabin-Williams Digital Signature Specification. | ||||
|
• |
Other Cryptography and Information Security Documents |
Embedded Systems Development, Microprocessor Systems
|
• |
Microprocessor Development Toolkit, Powerful 32 Bits Processor | ||||||
|
• |
Major components from this kit: | ||||||
| |||||||
|
• |
Documents about Free Software Licensing |
[ CONNOTECH home page: http://www.connotech.com | e-mail to: info@connotech.com ]