/mandos/release

To get this branch, use:
bzr branch http://bzr.recompile.se/loggerhead/mandos/release

« back to all changes in this revision

Viewing changes to intro.xml

  • Committer: Teddy Hogeborn
  • Date: 2015-08-10 16:19:28 UTC
  • mto: (237.7.594 trunk)
  • mto: This revision was merged to the branch mainline in revision 325.
  • Revision ID: teddy@recompile.se-20150810161928-bnukog7l47j3pjix
Depend on Avahi and the network in the server's systemd service file.

* mandos.service ([Unit]/After): New; set to "network.target" and
  "avahi-daemon.service".
  ([Unit]/RequisiteOverridable): New; set to "avahi-daemon.service".

Show diffs side-by-side

added added

removed removed

Lines of Context:
1
1
<?xml version="1.0" encoding="UTF-8"?>
2
2
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
3
3
"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
4
 
<!ENTITY TIMESTAMP "2014-06-22">
 
4
<!ENTITY TIMESTAMP "2015-07-20">
5
5
<!ENTITY % common SYSTEM "common.ent">
6
6
%common;
7
7
]>
32
32
    <copyright>
33
33
      <year>2011</year>
34
34
      <year>2012</year>
 
35
      <year>2013</year>
 
36
      <year>2014</year>
 
37
      <year>2015</year>
35
38
      <holder>Teddy Hogeborn</holder>
36
39
      <holder>Björn Påhlsson</holder>
37
40
    </copyright>
197
200
      </para>
198
201
    </refsect2>
199
202
    
 
203
    <refsect2 id="sniff">
 
204
      <title>How about sniffing the network traffic and decrypting it
 
205
      later by physically grabbing the Mandos client and using its
 
206
      key?</title>
 
207
      <para>
 
208
        We only use <acronym>PFS</acronym> (Perfect Forward Security)
 
209
        key exchange algorithms in TLS, which protects against this.
 
210
      </para>
 
211
    </refsect2>
 
212
    
200
213
    <refsect2 id="physgrab">
201
214
      <title>Physically grabbing the Mandos server computer?</title>
202
215
      <para>